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Third Annual NSIUWG Conference 
NSI networking in the nineties 
March 30 - April 3, 1992 


Schedule of Events 

(Subject to change) 

MONDAY , March 30 

5:00 - 7:00 

Registration and No-Host Reception 

7:00 - 8:30 

Executive Planning Meeting 

TUESDAY, March 31 

Opening Plenary 

8:30 - 8:45 

Opening Session 
R. Zwickl / NOAA-ERL 

8:45-9:15 

NSI Program Update 
A. Villasenor / NASA HQ 

9:15-9:45 

NSI Project Update 
C. Falsetti/ARC 

9:45 - 10:00 

BREAK 

10:00 - 12:00 

S, P £ n !l : Hi I^ h o tS ’ ? atUS ° f Previous Ridings, Current Issues 
John Martin, SNP/ Sterling 

Milo Medin, NSI Engineering / ARC 

J_ Patrick Gary, NSI User Services & Applications / GSFC 

Ron Tencati, NSI Security /Hughes STX 

12:00 - 1:30 

LUNCH 

1:30 - 2:30 

Plenary: Subgroup Agenda Review 

2:30 - 5:30 

Subgroup Meetings 

• Networking 

• User Services/Applications 

• NSIUWG Organization 

5:30 - 6:00 

Executive Committee Meeting 

Exhibit Area open from 10:00 to 5:00 

PRSQEDfNCi PAGE 
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N 51 networking in the nineties 
SCHEDULE OF EVENTS 


WEDNESDAY, April 1 

8:30 - 8:45 Subgroup Update (in plenary) 


Science Networking Keynotes 

8 45 - 9:30 UARS Project 

D. DeVito /GSFC 


9:30- 10:15 MARS Observer Project 
****** 


10:15 - 10:45 BREAK 

Network Information / User Services Plenary 

10:45 - 11:30 Internet Information Servers 

Joyce Reynolds / ISI 

11:30 - 12:15 X.500 White Page Service 

Peter Yee/ARC 


12:15 - 1:30 LUNCH (No Host) 

1:30 - 2:00 Possible Plenary Session 


Subgroup Meetings 

2:30 - 5:00 Parallel Subgroup Meetings 

(Break • Networking 

3:00-3:15) • User Services/Applications 

• NSIUWG Organization 


7:00 - 10:00 GROUP DINNER (No Host) 


Exhibit Area open from 8:00 to 5:00 
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HIS l Networking in thE Nineties 

SCHEDULE OF EVENTS 


Thursday, April 2 

8:30 - 8:45 Subgroup Update (in plenary) 

Network Communications Technology Plenary 

8:45 - 9:30 Internet Forecast 

Vinto Cerf/CNRI 

9:30-10:15 NASA NREN 

Milo Medin / ARC 

10:15 - 10:45 BREAK 

Network Applications Technology Plenary 

10:45 - 11:30 Distributed Visualization 

Horace Mitchell / GSFC 

11:30 - 12:15 TAE 

Marti Szczur/ GSFC 

12:15 - 12:30 Overview of Tutorials and Demos 

12:30 - 2:00 LUNCH (No Host) 

2:00 - 5:00 Exhibits (in parallel with tutorials) Tutorials (in parallel with exhibits) 

On-Line Info Servers (NONA, 
Archie, etc.) 

NIC staff 

Host Security (VMS & UNIX) 

Ron Tencati / Hughes STX 

Introduction to TCP/IP 

John McMahon ITGV, Inc. 

Exhibit Area open from 8:00 to 5:00 


EOS DAAC NCDC & PLDS 
NCCS Visualization 
NSI NOC & NIC 
NSSDC Master Directory 
TAE 
TGV 

X.500 White Pages 
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[HSI Networking in the Nineti 

SCHEDULE OF EVENTS 


Friday, April 3 
Closing Plenary 

8:30 - 12:00 Subgroup Summaries 

• NSIUWG Organization 

Linda Porter /MSFC 

• User Services/ Applications 
Neil Cline I JPL 

• NSIUWG Organization 
Ron Zwickl / NOAA-ERL 

12:00 Adjourn 

1:30 Tour of GSFC 


Exhibit Area open from 8:00 to 12:00 
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PLENARY SESSIONS OF THE THIRD ANNUAL NSIUWG 

Tuesday, March 31 Wednesday, April 1 Thursday, April 2 Friday, April 3 
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PARALLEL SUBGROUP MEETINGS OF THE THIRD ANNUAL NSIUWG 


2:30 


Break 

3 : 00 - 3:15 


5:00 


2:30 


Break 

3 : 00 - 3:15 


5:00 



Room A Room B Room C 


Networking 

Chair. Linda Porter/USFC 
Tentative Aaenda: 

Information/User Services 
Chain Neil Cline/JPL 
Tentative Agenda: 

NSIUWG Organization 

Chain Ron ZwIckVNOAA - 
ERL 

Terrtatiyf Agenda: 

• NSI network update 

(technical status report) 

- network architecture 

- protocol summaries 

- protocol encapsulation 
update 

- network management 
tools used by the NOC 

• NSI futures 

- Frame relay? 

- XTP? 

- OSPF ’‘type of service” 
routing? 

- other futures 

• Welcome 

Neil Cline/JPL 

• NSIUWG Direction 

Pat Gary/GSFC 

• User Services on the 
Internet 

Joyce Reynolds/ISI 

• Internet Cruise 

Laura Kellehar/Merit 

• NSI NIC Organization and 
Functions 

Brian Lev/Hughes STX 

• NSIUWG direction 

• Other TBD 

Room A 

Room B 

Room C 

Networkina 

User Services/ Aoolications 

Applications 

Chair: Linda Porter/MSFC 

Chair: Neil Cline/JPL 

Chair: Dennis Gallagher/ 

Tentative Aaenda: 

Tentative Aaenda: 

MSEC 

Tentative Agenda: 

• DECnet and OSlin the NSI 

• Summary of Tuesday** 

• Crush 

-What has NASA/NSJ 

Discussion 

Ed Seiler/Hughes STX 

done since last meeting? 

Neil Cline/JPL 


- NSI and the HEP-SPAN 


♦ Scientific Visualization 

DECnet Coordination 

• NSI NIC Help Desk: What 

Alan McConnell/Pixel 

Group 

H Does; How H Can Help 

Analysis 

- Implementation of Phase 

You 


V/OSI in ESnet-DECnet 

Bill Yurcik/Hughes STX 


- DECdns naming plans 
and current Implementa- 

• Procedures for Providing 


tion 

Network Connectivity 


- NSI plans for support of 

John Martin/Storting 


CLNP 

Software 


• Question & Answer 

• Open Discussion 

• NSI NIC Possibilities 

- info Tools on the internet 

• User Concerns 

• Feedback on Subgroup 

=TO*T 
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TUTORIAL SESSIONS OF THE THIRD ANNUAL NSIUWG 
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II. Meeting Summaries 
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NSI User Working Group Conference Overview 

On March 30 through April 3 approximately 130 NSI users attended 
the Third Annual NASA Science Internet (NSI) Users Working Group 
(NSIUWG) Conference at the Marriott Hotel in Greenbelt, Maryland to 
learn more about NSI, hear from projects which use NSI, and receive 
updates about new networking technologies and services. The 
NSIUWG Conference was sponsored by the NSI User Support Office, 
which is managed by the GSFC Science Network Office/Code 930.6, 
and was coordinated by Lenore Jackson of the NSI USO. 

The plenary sessions gave listeners the opportunity to hear from a 
variety of invited speakers. These included NSI project management, 
scientists and NSI user project managers whose projects and 
applications effectively use NSI, and notable citizens of the larger 
Internet community, such as Joyce Reynolds of the University of 
Southern California Information Sciences Institute, Dr. Vinton Cerf of 
the Center for National Research Initiatives, and Laura Kelleher of 
Merit Network, Inc. User subgroups were Networking, chaired by 
Linda Porter of Marshall Space Flight Center, User Services & 
Applications, chaired by Dr. Neal Cline of the Jet Propulsion Lab, and 
NSIUWG Organization, chaired by Dr. Ron Zwickl of the National 
Oceanographic and Atmospheric Administration. One afternoon 
offered well-attended tutorials covering the implementation and use 
of X.500 services, an introduction to TCP/IP, using NSI Network 
Information Center services, and network-oriented security for both 
VMS and UNIX operating systems. Several NASA projects also held 
demonstrations in the Exhibit Area which was interconnected with 
theNSI at 1.5 Mbps throughout the week. 

The NSIUWG Organization Subgroup proposed a number of changes 
for next year's meeting. For example, because the users wanted the 
sense of the conference to be understood less as a working group and 
more as an information exchange, the name next year will change to 
the NSI Users Forum. This reflects the evolving nature of the 
conference as a forum for dialog among network users, NSI project 
personnel, and representatives of various online resources. The 
Organization Subgroup having completed its job, planning for next 
year's meeting will begin with only the Networking and User 
Services subgroups, although others will be added as emerging 
interests demand. An updated mailing list and improved means of 
announcing the annual meeting were also recommended. 




PA3E 
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Some of the elements of the conference which users suggested not be 
changed were convening annually in March, rotating to sites 
alternately on the East and West Coasts, retaining the subgroups as 
an integral part of the meeting, and including presentations by 
speakers from outside NSI and even outside NASA. 

The USO wishes to thank all of the presenters, tutorial instructors, 
exhibitors, and NSI user attendees who participated in making this 
NSIUWG Conference a success. The project and all its users thank Dr. 
Ron Zwickl, Conference Chair, and Linda Porter, Network Subgroup 
Chair, for their years of service. Both are stepping down this year. 

****** 


Plenary Presenters: 

Mr. Jeffrey Burgan, Sterling (NSI) 

Dr. Vinton Cerf, CNRI 

Dr. Theodore Clarke, JPL (Galileo) 

Mr. Daniel DeVito, GSFC (UARS) 

Ms. Christine Falsetti, ARC (NSI) 

Mr. J. Patrick Gary, GSFC (NSI) 

Mr. John Martin, Sterling (NSI) 

Dr. Horace Mitchell, GSFC (NCCS) 

Ms. Joyce Reynolds, ISI 
Ms. Marti Szczur, GSFC (TAE) 

Mr. Ron Tencati, Hughes STX (NSI) 

Mr. Anthony Villasenor, NASA HQ (NSI) 
Mr. Peter Yee, ARC (ISODE) 

Dr. Ron Zwickl, NOAA/ERL 

Subgroup Presenters: 

Dr. Randy Barth, Hughes STX (NSI) 

Mr. Jeffrey Burgan, Sterling (NSI) 

Mr. Todd Butler, RMS/GSFC 
Mr. Phil DeMar, FNAL/DOE 
Mr. J. Patrick Gary, GSFC (NSI) 

Ms. Laura Kelleher, Merit 
Mr. Brian Lev, Hughes STX (NSI) 

Mr. John Martin, Sterling (NSI) 

Dr. Alan McConnell, Pixel Analysis/GSFC 
Mr. John McMahon, TGV 
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NSIUWG 

Organization Subgroup 


Findings: 

1. Name needs to be changed to NSI Users Forum 

2. Continue annual meeting, retain March time frame 

3. Meeting site will vary 

- Retain East/West rotation 

- Can hold meetings at other sites 

4. Subgroups are a necessary part of annual meeting format 

- Do not want a seminar format 

- New Subgroups will be formed as needed 

- Currently two subgroups: Networking, User Services 

5. Need updated, more complete mailing list 

- Announce annual meeting 

6. Continue to have presentations from outside of NSI 

7. Support National Meetings 

- Could have lower level of support, such as local dial-up 

8. Regional User meetings be held during National Meetings 
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NSIUWG Network Subgroup Meeting Summary 
March 31- April 1, 1992 
Linda Porter/ Subgroup Chairman 

Anywhere from 20 to 50 people attended the network subgroup 
during the two afternoon meeting days. During the two days, various 
speakers provided much technical information on NSI. Discussions 
were limited to questions and answers. No formal findings were 
established, however several requests were made: 

Day 1: 

o One or more postscript maps of the network with IP 

addresses and DCCnet addresses should be made 
available. The "network" in this case is^ the NSI 
backbone and directly connected NSI sites’ over 

a) Proteon or DEC h/w 

b) encapsulated (logical DECnet connectivity only) 

The idea is to be able to look at a map and visually trace 
one's way through the network under either TCP/IP or DECnet. 
These maps should be made available on the NSINIC and kept 
up-to-date. 

o Ability to traceroute DEC paths through NSI (similar 

to ESnet/DECnet capability) The current problems (lack of 
support) with the NSI provided Proteon routers is understood, 
however it was noted that in a few months Proteon would be 
supporting both a nonprivileged access mode and SNMP MIB for 
DECnet functions. Both tools would be invaluable to the 
network community, and NSI is requested to keep the 
community apprised of new developments. 

Day 2 : 

o There is a mail exploder for DECnet to OSI transition 

set up for DECnet PV/OSI information. The address is 

DECNET-OSI-TRANSITION0NSIPO.NASA.GOV 

to be placed on this list, send a request to the address: 
DECNET-OSI-TRANSITION-REQUEST0NSIPO.NASA.GOV 

o A request was made to create a Usenet News Group 

for NSI DECnet to OSI information. 

* 

o Some significant issues were raised with the DECnet VMS/OSI 

product scheduled for release in the summer timeframe. The 
VMS product will not fully support full (hierarchical, DECdns) 
names at first customer ship (FCS) . Primary concern is lack of 
support for RMS. SET HOST and MAIL however, will be 
supported. Users were asked to make their concerns known to 
their local Digital offices, if they felt this was a problem in 
implementing the product as a result. Also, mail can be sent 
to SEGREST0DC1O1.DCO.DEC.COM (Robert Segrest, DEC Network 
Strategic Coordinator for DOE/NASA) . 
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NSIUWG '92 
User Services Subgroup 
(A) Follow-up On Last Year's Meeting 



Network Requirements Processing 

• no customer problems reported 

• further improvements in planning and 
processing reported 


User Help Desk 

• implemented by USO as outlined last year 

• network support problem at JSC noted last year 
appears to have been solved 


NSIUWG '92 
User Services Subgroup 
(A) Follow-up On Last Year's Meeting 
(Continued) 


The NSI NIC 


• operational as advertised last year 

• menu-driven system (NONA) demonstrated 

• user requirements still needed 

• USENET feed being provided as needed; 
demand for USENET newsgroup not establsihed 

• X.500 involvement by NSI demonstrated 

Conference Support 

• plans and schedule for FY 92 shown 

• formal process for authorization established 



17 




NSIUWG *92 
User Services Subgroup 
(B) Findings 




(1) NSl User Services need to be advertised in 
media read by NASA scientists. 

(2) E-mail distribution services need to be made 
available to NSl customers. 

(3) There is considerable user demand for 
on-line availability of network maps, statistics, 
and performance information. 



NSIUWG '92 
User Services Subgroup 
(B) Findings 


(4) E-mail user comments, concerns, etc... should 
be solicited prior to the next NSIUWG 

(5) X.500 pilot support should be continued 

(6) User Support Officed and Planning Office has 
assembled exceptionally dedicated & talented 
teams; NASA should make sure they are 
maintained 
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III. Presentation Material 
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NSI Program Update 
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. . . for Today's Research Environment ! 
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NSI Acceptable Use Guidelines 


SUMMARY: 

NSt supports all NASA science flight missions, discipline research 
programs, snd collaborating scientists at NASA Centers and elsewhere. 

NSI Is not to be used for private gain or profit. 

SPECIFIC USES: 

1) Use of NSI musl be In support of official NASA programs; all user requests for NSI 
connectivity must be validated and supported by cognisant OSSA Discipline Chiefs. 

2) Use of NSI to support coordination and administrative execution of OSSA research grants Is 
permissible; 

3) Use of NSI to support NASA research, related training, and associated technical activities at 
non-profit Institutions of research and education Is acceptable. 

4) Use of NSI for commercial or Intellectual gain by for-profit organizations is not acceptable, 
unless those organizations are using NSI to satisfy specific NASA contract or grant 
requirements. 

5) Use of NSI for research or education at lor-profit institutions will be reviewed on a 
case-by-case basis to ensure consistency with OSSA programs; lack of program approval 
will result In disconnection. 

6) Use of NSI to gain unauthorized use of resources attached to NSI will result In 
disconnection and legal prosecution. NSI will make every attempt to Implement precautions 
to safeguard against unauthorized use of NASA computers, databases, and other attached 
federal resources. 


NSt - NASA Scknct Internet 


NSI Grades of Service 


BASIC SERVICE 

• Required connectivity to data archives, computational facilities, and collaborators 
worldwide; up to 56kbps 

• Reliable communications monitored continuously (24 x 7), including automatic 
fault detection procedures initiated within minutes of occurrence. 

. Full Interoperability with science and research communities via NSFnet, ESnet, 
and other INTERNET networks In the U.S. and abroad; also Interoperable with the 
evolving NREN. 

• Broad spectrum of network applications including electronic mall, file transfer, 
remote log-on, etc. 

• User consultation and technical assistance through NSI ‘Help Desk'* and network 
documentation. 

PRIORITY SERVICE 1 

All the above, plus: 

• Dedicated private circuits between specific facilities. 

• Very high performance service, T 1 or greater, to end users. 

• Non-standard Installations and applications requiring specially engineered 
solutions snd equipment. 

• Large Influx of requirements for new circuits needed for operational use within two 
years of current budget cycle. 



26 





PRIORITY SCHEMA (2/20/92) 


INFRASTRUCTURE 

0 Provide a high quality, reliable, 24 hour per day by 7 days a week, open access network 
connecting all current OSSA science missions, (nvesligaiors, their data archives and 
computational resources. Includes basic network services such as e-mail, tile transfer, 
remote logon, Internal & Inter-Cenler access, security management, and basic science 
conference support as approved by the ISMB, etc. 

MISSION SPECIFIC RESOURCES 

1 Current active missions and campaigns where dala is now being acquired and used for 

science analysis; e.g.,UARS, GALILEO, KAO, elc. ° 

2 Near-lerm missions, campaigns, & research pro|ecls which will require NSI services In 6 
months (circuit order lime), e.g., EOS, ISTP, Balloons, etc. 

3 ?™ S c A Infrastructure or science projects with management visibility: key science conferences, 
JOVE, Eastern Bloc access, coordination with PSCN, ICCN, NSF, OAET/NREN, elc. 

4 Long-term missions A projects: Antarctica, AXAF, elc. 

5 Generic network services lor space science community not directly traceable lo specific 
pro|ect or discipline requirements: DECnet Phase V planning, performance measurement 
requirements management, security, industry (IETF) collaboration, elc. 

6 ue!ntS|l n . 0l0 K y i such 85 n «lwork applications, software/hardware upgrades. 

NSIUWG technical forum, OSI transition planning, satellite-ground Interoperation, Appletalk 
encapsulation, packet radio applications, elc. In general, items that Improve NSI robustness. 

7 Science conferences with supplemental funding, support lor external activities such as NIST 
testbed, elc. Items that do not eflecl "NSI success" as perceived by OSSA Divisions. 

•0 * ht§h09$ jrtorty 


NSI • NASA Scfenc* Internet 
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MSI 


INTERNET COMMUNITY 


IAB* OvarsMt th« tnglnMrlng ol lb* inlarnal 



V. 


COMMERCIAL NETWORK A CARRIER SERVICES 


Am. MCI. SPRINT, Itafltontf BOC«, 
IBM, DEC, Appto, ProtMA, CImo, WMMImi. 
PSI, ANS, Edueom, ate. 






MSI - NASA Sctenc« Inlftrrxl 



MSI - NASA Sctenc# Inter rtet 
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Engineering & Operations Working Group 


MEMBERS 

INITIAL MEMBERSHIP OF THE EOWG WOULD CONSIST OF BUT NOT BE LIMITED TO 
THE FOLLOWING, BECAUSE OF THEIR STRONG VESTED INTEREST IN THE 
ENGINEERING AND OPERATION OF THE INTERNET: 

Tony Villasenor, NASA - Chairman 
Slave Wolff, NSF - Vice Chairman 
John Cavalllnl, DOE • Vice Chairman 
Bill Bostwick, U.SJCCIRN 
Paul Mockapertls, DARPA 
TBD, PARNET 
TBD, IAB 

Note: Operations managers of key federal networks may be Included as 
members. The EOWG will provide delegates to CC1RN meetings. 


NSI • NASA Science Internet 


Federal Internetwork Exchange ("FIX”) 


An Example 


UNK TO AGENCY 
BACKBONES 


UNK TO AGENCY 
BACKBONES 


LINK TO AGENCY 
BACKBONES 


UNK TO INTERNATIONAL 
REGIONAL UNK 



Cmpr) 


MULTIPROTOCOL ROUTER 


NSI - NASA Science Internet 
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CCIRN 


COORDINATING COMMITTEE FOR INTERCONTINENTAL RESEARCH NETWORKING 

Th« purpose ol tbs CCIRN Is lo agree and progress a set of activities to achieve 
Inter-operable networking services between participating entitles (currently North 
America and Europe) to support open research and scholarly pursuit. Policy, 
management, and technical Issues will be sxamlned, based on agreed 
requirements. More precisely, the committee aims to: 

a. stimulate cooperative Intercontinental research by promoting enhanced 
Interoperable networking services, specifically 

- promoting the evolution of an open, International research network In line 
with official policies on the use of international standards, 

• coordinating and facilitating effective use ol the International networks to 
enhance the quality of research and scholarship. 

b. optimize use of resources and to coordinate International connections of the 
networks represented on the CCIRN 

c. coordinate development of International network management techniques 

d. exchange results of networking research and development 


NSt - NASA 8cJ* *nc* Internet 


International Technical Coordination 


CURRENT ACTIVITIES 

• Inter-continental link coordination and planning 

• global domain name system 

• uniform network statistics and monitoring 

• global registration 

• global routing 

• national character sets 

• coordination among network control centers 

• CLNS Introduction 

• mapping 

• electronic mail interoperability & reliability 
FUTURE TOPICS 

• international X.400 with X.500 directory services 

• international voice/video teleconferencing 

• resource accessibility; authorization; control 

• resource control: costing and accounting 

• relevant national policy concerns 

N9 • NASA Sd«nc« MMMt 
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N8I • NASA SdWM Intern*) 
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NSI Project Update 
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The NASA Science Internet - 
NASA's Worldwide Science Communications Network 

NSIUWG 1992 


Christine M. Falsetti 
NASA Science Internet Office 
Intormetlon and Communications Systems Division 
AMES RESEARCH CENTER 

NASA 


Outline 

I. Background 

II. Current Services and Architecture 

III. Future Directions 


HAMA Mnim M *4—* ON* 


CMFalsettl 2 



Recognizing that science communications networking is an Integral 
element of successful science, the NASA Science Internet Office was 

1988 to Drovlde fiommunlratlnnA tn uaca'o 


established In 1988 to provide communications to NASA's entire 
wnunlty. NSI absorbed U.S. SPAN and NSN when the 

IO f APm bill/ AfltAklleliA«4 


science community. .wi B u« W imu 
program was formally established. 


! throughout NASA centers and research Institutions worldwide. 

NSI ’8 goal Is to provide a high-speed communications network that 

£5 nnec l? 8,1 8 i P 8C ® *clontlata |1 providing ready access to data and 
Information stored anywhere In the world. — 



NASA Scl9fK9 tniwmH Profrct Otttc * 


CMFalselti 3 



37 








MAM *mmH Pro^ Offh» 



Service Organization 


SCIENCE 
NETWORK 
PLANNING ilv ! 

ENGINEERING 


APPLICATION 

SERVICES 


USER 

SERVICES 


OPERATIONS 
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Value-Added Services 


Science Network Planning 
Systems Planning - MOU development 
Requirements management and validation 
Tracking and Status Reporting 

Conference Management Enolneerlna 

Network architecture configuration, 
Custom design & documentation 
Network service acquisition and testing 
Development & Implementation of 




Metwdrkooeraf 


7-day, 24-hr.iNetwork Or 

Network Monitoring anti Tf 

Problem Management: rep6rfti1( 
Equipment Instellstfon&t 
Upgrades, 
and Malntenanc 


Security measures and tools 


User Support Services & 
.Applications. Development 
Coordinate Integration otOSSA 
Information Systems 
latla 


Network Information Center 
* White/Yellow Pages directory services 
User Help Desk 
NSI User Working Group 


NASA Scltnc0 Project Otflc* 


CMFalseMi 7 


Community Served by NSI 


NSI PROVIDES SERVICE TO: 
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Planning Process 

ft I Contact Science 

Discipline 

Understand and Participate in 

Information Systems Planning Process 
and Requirements Development 

Identify and Conceptualize 

Communications Architecture 


"Working Together " 



Draft and Sign Discipline MOU 



Transfer to Production 
Manage Requirements 
throughout operation 
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Outline 


I. Background 


II. Current Services and Architecture 


III. Future Directions 
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NSI OSSA Requirements 


Code S 

Office of Space Science & Applications 

148 

Code SB 

Life Sciences Division 

21 

Code SE 

Earth Science &• Applications Division 

886 

CodeSL 

Solar System Exploration Division 

260 J 

Code SM 

1; 

Flight Systems' Division 

8 ' 

Code SN 

h 

Microgravity Applications Division 

4 i 

Code SP 

Admlnlsiratiohi|p 4 ^eisourceMgmt Division 

o i 

[code SS 

Space Physicslp^ifsion 

158 

CodeSZ 

Astrophysics Division 

82 1 
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NSI Acceptable Use Guidelines 


SUMMARY: 

NSI supports all NASA science flight missions, discipline research programs, and collaborating scientists at 
affiliated research Institutions. 

NSI Is not to be used for gain or profit by non-NASA organizations engaged in non-NASA business. 

SPECIFIC; 

1) Use of NSI must be in support ol official NASA programs; all user requests tor NSI connectivity must be 
validated [and possibly funded] by cognizant OSSA Discipline Chiefs. 

2) Use of NSI to support coordination and administrative execution of OSSA research grants Is permissible; 

3) Use of NSI to support NASA research, related training, and associated technical activities at non-protit 
Institutions of research and education Is acceptable. 

4) Use of NSI for commercial or intellectual gain by for-profit organizations Is not acceptable, unless those 
organizations are using NSI to satisfy specific NASA contract or grant requirements. 

5) Use of NSI for research or education at lor-prolil institutions will be reviewed on a case-by-case basis to 
ensure consistency with OSSA programs; lack ol program approval will result In disconnection. 

6) Use of NSI to gain unauthorized use of resources attached lo NSI will result In disconnection and legal 
prosecution. NSI will make every attempt to Implement precautions lo safeguard against unauthorized 
use of NASA computers, databases, and other attached federal resources. 
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Process to Prioritize OSSA requirements... 


Identification and 
Initial Priorlzatlon of OSSA 
Requirements 


NSI Requirements Based 
Budget Proposed 


•• Requirement must be prioritized 
by the Division within NSI's ability to 
implement; excess requirements are 
delayed or funded separately. 


ISMB Interdisciplinary Priority Cutoff 


Final Review 
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Priority Schema as of 2/20/92 


INFRASTRUCTURE 

°‘ n 9 ccrt y ’ r8liaWe ’ 24 houf per day by 7 days a week - °P« n a “ess network connecting 

in/^2 , k. SA f 0 * 9 ? 00 missions. investigators, their data archives and computational resources 
^. n8 services such as e mail, tile transfer, remote logon. Inlernel & Inter-Center 
access, security management, and basic science conference support as approved by the ISMB etc 
MISSION SPECIFIC RESOURCES 

' ^^S.GA*S“oTAo' S r'™ ^ ^ * CV * , *‘ M USM 

2 ” h,ch "**• 

3 Pa S l A '^ S,rUC,Ure W Sd ! nce ^ejects with management visibility: key science conferences, JOVE 
Eastern Bloc access, coordination with PSCN. ICCN, NSF. OAET/NREN, etc. 

4 Long-term missions & projects: Antarctica. AXAF. etc 

5 ne,work services for space saence community not directly traceable to specific project or 

m^'2 8 LT reni8 ? ,S: . ? ECne !,^ ase V P lannm 9. performance measurement, requirements 
management, security, industry (IETF) collaboration, etc. 

6 Jarhn^anJvMm ” cem « n ls. ? uch as ne,WOfk applications, soltware/hardware upgrades, NSIUWG 

• ? S , rans " on P* ann,n 9. satellite-ground interoperation. Appletalk encapsulation 
packet radio applications, etc. In general, items that improve NSI robustness. 

' ^° 0f ], < ' 0 C0 , n k ,8 [w nC8S . wi 1 l , h supplemental funding, support for external activities such as NIST lestbed 

etc. Items that do not ellect f SI success" as perceived by OSSA Divisions. 

*0 • Nphori priority 
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NSI Today 


connectivity 

£3 " ** 1"^ 205 

'«*»'* SS/rE, 58 """ s "“- 

Access to most U.S. universities & labs 
Access to -3 million users via t/ie Inlernel 
Most major countries In Europe & Asia 
SERVICE 

pe?»5rKe manCe * NS ‘ COn,inual, y u W fades *•"**»»■ wMe opt.m,zing and tuning the network 
review 0 Xy’JJriE^ ' Eslablished slron 9 ,i8s with OSSA Divisions to 

*r,:^ 

C^, F r a, ^“ al '^ng coXnatton eHorts XXsThe 

INTEROPEHABii ity 

Between TCP/IP and DECnel science networks 

US’ urtversi « 8s ,h « kernel, NREN. Regional * Campus networks 
With commercial networks: Sprint, Omnet, PSI ANS etc 

With key universities and research lacili.ies in Europe. Asia. S. America. Auslralia. New Zealand 
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NSI Challenges 


Environment; 

• NSl Is strictly requirements driven. Networking services are in high demand as shown by 
explosion In OSSA requirements. As OSSA requirements grow, then more resources are 
needed to satisfy demand, despite NSI’s leverage & economies of scale, since every site 
demands unique attention. 

• Current network architecture is a complex, interdependent service web with federal and 
international network service providers. 

• Emerging NREN and new ISON broadband technologies will provide challenges of 
Incorporation in our networking infrastructure. 


Current lasuea: 

• Requirements are growing much faster than current NSI resources can meet; growth rate 
Is -400 requirements per year vs. implementation capacity of 200 per year; many FY92 
requirements will be delayed to FY93 & 94. Tight FY92 budget put NSI behind the curve 
and It cannot catch up. 

• Dependency on NSFnet as backbone supplier in FY94 uncertain. NSF plans to dismantle 
NSFnet on April 1994 & switch to NREN, without testbed demo, for routing & backbone 
mgmt NSI needs to use PSCN backbone links to Regionals/Commerclals. 

• EOSnet Is the most critical 'success' component of EOSDIS, as determined by NRC 
Review. 
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NETWORK REQUIREMENTS 


Projected Requirements 
(with EOS) 



IW' 1 Infract mrtiirp P 

1 NJpw Miccirtn 


Users 

Specific Users 

uuiuBiinc 

Funding Level 
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NSI Management Options 


1. Advocacy ol OSSA Information Systems Budget to indude NSI overguideline requests. In FY93, 
this would accommodate new/delayed requirements from EOSDIS, UARS. Crustal Dynamics, 
Mars Observer, ISTP, SLS & IML, FLINN, rockets/balloons, etc In FY94, NSI would establish a 
new baseline to catch up with requirements growth, use new PSCN circuits during NSFNET 
transition & stabilization to NREN. continue to build EOSDIS Network, accommodate emerging 
local site ethernets with high bandwidth workstations, and address proliferating OSSA 
requirements for NREN usage 

Advantage: Program retains its interdisciplinary perspective and leverage. Economies of scale 
and networking efficiencies are maximized across disciplines and priorities are established at an 
interdisciplinary level with support from the ISMB. 

Result: Economies of scale and efficiency are maintained as interdisciplinary perspective is 
ensured. 


2. NSI directly negotiates supplemental lunds from each Division Initiate a division tax scheme in 
FY93/94 time frame. 

Disadvantage: Program serves individual discipline interests as opposed to a unified OSSA 
program. Many captains leading ship . loss ol interdisciplinary efficiencies and control. 

Result: Economies of scale and efficiencies compromised Interdisciplinary perspective is not 
ensured. Program may become fragmented as discipline interests are not moderated. 


NSI Recommends Management Option Number 1 


NASA Selene* Interne* Prof* el Other CMFatselli 24 
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Outline 


I. Background 

II. Current Services and Architecture 

III. Future Directions 
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Vision 


• A single integrated network, under OSSA control, tailored to 
NASA science needs 

• Transparent ubiquitous access to science data archives, 
computational resources, and colleagues worldwide 

• Total spectrum of network services: guaranteed bandwidth, 
priority routing, selective routing, protocol transparency, 
multi-media, etc. 

• Common use of distributed network applications & services: 
online directories (white & yellow pages), robust electronic 
mail, distributed databases, etc. 

• Full interconnection with national network infrastructures, 
especially the NREN 

• Fully controlled access to NASA resources 


NASA Mmn Ptifrtt CVAc# CMFafeetti 26 
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National Research & Education Network: Plan 


The NREN will be a computer communications network that 
interconnects: 

• educational institutions 

• national laboratories, non-profit research institutions, 
and government facilities 

• commercial organizations engaged in 
government-supported research or collaborating in such 
research 

• unique national scientific and scholarly resources such 
as supercomputer centers, major experimental facilities, 
databases, and libraries 


The NREN will provide high speed communications access to 
over 1300 institutions across the United States within 5 years. 


masa irt w w mmni * 4 »«f office CMFatsatll 27 


NREN Stages 


Stage 1 - upgrades existing agency trunks to 1.5 Mbps 


Stage 2 • combines multiple agency trunks into a 
shared 45 Mbps trunk system 


Stage 3 • research & development phase to result in a 
shared national network with multi-gigabit-per- 
second trunks; technologies yet to be developed. 
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NR EN Phases 


Stage 3 
Gbps 


Operational Net 


Testbeds and Experimental Networks 


Research and Development 


Revolutionary 
Technology 
Changes 


Stage 2 
45 Mbps 


Stage 1 
1.5 Mbps 


Operational Network 


Evolutionary 
manges 


Operational Network 


Stage^t & 2 Development 


Transition to 

Commercial 

Services 
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Planning Office Status Report 
NSIUWG Meeting Greenbelt, MD 

March 31, 1992 

John H. Martin 


NASA Science Internet Office 
Information and Communications Systems Division 
AMES RESEARCH CENTER 

NASA 
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Requirements Manaqement Grou 



Provide "Customer Service" to OSSA Scientific User Community 

Define, Document, and Report all OSSA Communication Requirements 

Manage Requirements Throughout Entire Process 

Draft and Facilitate MOUs with Disciplines 

Plan Future Networking Requirements with Disciplines 

Involved with Planning and Development of OSSA Integrated Scientific 
Resources/Systems 

Provide OSSA Conference Support and Outreach Activities 


Work Control Group 

Track OSSA Requirements and Manage Requirements Information 

Provide Requirements Reporting Information Tools (charts, graphs, 
reports) to Increase NSI Responsiveness to OSSA Community 

Provide Tracking and QA of NSI Internal Requirements Processing 

Management of NSI Database Systems 

Provide NSI Circuit and Reporting Information to Communications Carriers 

Overall Tracking of NSI Processes and Procedures (l.e., validations, NSR, 
RFS, USR, outreach documentation) 
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JOHN H. MARTIN, MANAGER 
PLANNING OFFICE 


CODE 

pnaruME 

REQUIREMENTS MANAGER 

HQ VALIDATOR 

ALTEflhAIE 

YALJOATflB 

S 

Office of Space Science and 
Ah* cationa 

Maris Galaghar 

Dr. Joseph Alexander 

Mr. RtahChappal 

SB 

Ut Sctencaa 

Shaft Jonas 

Dr. Lawrence Chambers 

Dr nchrod(OKA) 

Kaata 

SE 

Earth Sctenct and 
Appacallone 

Regina Duda 

Mr Emasl Lucter 

Mr. Dixon Butter 

SL 

Solar System Exploration 

Jo Ann Nelson 

Mr Guamar Strobal 


SM 

FftgN Systems DMston 

TOO/ John Marlin 

Dr Philip J. Grassy Jr 


SN 

Mtocgrartr Sctencs and 
AppHcattona 

Shaft JonatfMsria Galaghar 

Mr. Robert SchmiU 

Ms. Mary Kicza 

SP 

AdmWalrUon and Resource 
Management DMalon 

TBCVJohn Martin 

Mr. Sooh Sandago 


SS 

Spaca Physic* 

Marla OaftaQhar 

Dr Jamas Wfttea 

Mr. Loute Damas 

sz 

Astrophysics 

Elizabeth Fainter 

Dr. Enrin Schmertlng 

Dr. Quarter Rtegter 

— 

OSSA Conlsrtnca Support 

HaNte Carlson 

— 

— 


Overview 


I. Organization 





OSSA Requirements Profile 
Highlights and Future Growth 
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Planning Office Services 


Requirements Planning 


Requirements Management 


Long Range \ 
Requirements Projection > 

Intradlsclplne 

Requirements Prioritization 

Requirements Impact 
Analysis/Planning 

Discipline Level MOU 

Development 

Resource and Systems 

Planning 

Discipline Level Overview of 
Req's set with HQ Validator 



r Project 

Requirements Statuses 

Manage Requirements 
Throughout Process 

Communications 

Requirements Reviews 

Work with Customer to 
Meet Scientific Goals 

Continual User/PI Customer 
Contact and Feedback 


Conference Support/Outreach 


Requirements Processing 


"Coordinating and 
assuring requirements 
are met " 


NASA SCIENCE INTERNET 


REQUIREMENT IDENTIFIED 


AND PRIORITIZED 
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MOU Development Process 


Understand and Participate In Discipline 
Communications Planning Process 
and Requirements Development 


I Identity and Conceptusllze 
Communications Architecture 


Longer Standing - 1 
Discipline Level 


Progrem Review Cycle 


''Revolving Document • More^ 
Frequent Updates to Meet 
.Changing OSSA Requirements^ 


Draft and Sign OSSA 
Discipline MOU 


Develop Requirements 
Processing Priorltlea/Schedules 


Project Review Cycle 


Draft Project Specific 
Requirements Reference Documents 



Overview 


I. Organization 


II. Services Provided 





. Highlights and Future Growth 
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OSSA Current Requirements 


s SB St EOS SI GM s 


NSI OSSA Requirements Complement 


Code S 
Code SB 
Code SE 
Code SL 
Code SM 
Code SN 
Code SP 
Code SS 
Code SZ 


Office of Space Science & Applications 

Life Sciences Division 

Earth Science & Applications Division 

Solar System Exploration Division 

Flight Systems Division 

Microgravity Science & Applications Division 

Administration and Resource Mgm! Division 

Space Physics Division 

Astrophysics Division 
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Planning Office Highlights/ Improvements 


Increased Requirements Management Staff to Offer Better Level of Service 

Begun Movement Towards "Discipline Level" MOUs 

Integrated Work Control Group within NSI Planning Office 

Further Refined Conference Support Policy and Requirement 
Documentation/Tracking 

Improved Validation Time Through Requirements Managers and WCO 
Greater Emphasis on Planning Effort (Projecting, Scoping, etc.) 

Increased Capacity to Process and Manage Requirements 


Planning Office FY 92 Activities 


Refine and Update NSR Process Through NSR Workshop - 
Look to Include Cost Weighting and NIC Requirements 


LOO c« t °J f ] Cr I eaSe User ’ s f rv lces/NIC Requirements Definition/Tracking 
Effort to Incorporate into Existing OSSA NSR Process 8 

Increase Requirements Manager's Outreach to Scientific Community 

Redesign MOU Process to Develop Discipline Level MOUs 

Step-up Planning Efforts with HQ Disciplines - Schedule Requirements 

Continue Outreach and Conference Support Effort 

Increase User Feedback and Quality Service Mechnlsms/Measurements 

Hold Communications Requirements Reviews Annually 

Standardize Requirements Reporting Format 



61 




Planning Office Schedule 
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NASA Science Internet 
Engineering 
Status Report 


March 31 , 1 992 
NSIUWG 


Jeffrey G. Burgan 
NASA Science Internet Office 
NASA Ames Research Center 
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Engineering Highlights 


• Bacbone circuits upgraded to T 1 

ARC, GSFC, JPL, LaRC, MSFC 
JSC-JPL (448Kb) 

NASA HQ (448Kb) 

• OSI (CLNP and IS-IS) capabilities deployed 

• DECnet Phase IV routing enabled on the backbone 

ARC, GSFC, JPL, JSC, MSFC 

• Phase 1 of DECnet circuit upgrades to 56K completed 


Engineering Highlights (cont.) 

• Arizona DECnet consolidation completed 

via T1 to University of Arizona 

• Colorado DECnet consolidation currently being implemented 

via T1 to NCAR, Boulder, CO 

• DECnet routing implemented between NSI and ESnet 

at both FIX interconnects 

• Upgraded circuit to Univ of Alaska, Geophysical Institute 

PSCN provided T1 to be shared with EOS VO network 

• NSFnet access being upgraded to T3 
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International Access 


• NASA/ESA Connectivity 

NSI connectivity to ESAnet via NASA/PSCN links 
ESOC (256Kb) 

ESTEC (576Kb) 

Currently supports IP routing 
DECnet IV routing being implemented 
PSCN upgrading links in June 

• United Kingdom 

Univ of London (128Kb) 

Oxford University (128Kb) 

Rutherford Appleton Lab (64K) 


International Access (cont.) 

• PACCOM (Pacific Rim) 

Univ of Hawaii (1.5Mb) 

Australia - AARnet (51 2Kb) 

New Zealand (64Kb) 

Hong Kong (64Kb) 

Japan (multiple circuits) 

• Chile - Cerro Tololo Inter-American Observatory (56Kb) 

• Greenland - Sondrestrom Radar Facility (56Kb) 

• Antarctica - McMurdo Station (56K) 
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Network Operations 


• Network Operations Center (NOC) located at ARC 

• 24 hour / 7 day availability 

• Toll free international access 

• Network management of routers using SNMP (Overview) 

• Monitoring of DECnet circuits using NICE (custom program) 

• Evaluating DEC MSU to provide integrated IP and DECnet 

management capability 


Network Configuration 

• 112 sites connected 

71 using multi-protocol routers 
(54 routing DECnet Phase IV) 

29 using DEC’S DDCMP 
1 2 utilizing DECnet encapsulation 

• 2 interconnections with other Federal Agency Network's 
(NSFnet, ESnet, TWBnet, MILnet) 

FIX-EaSt (SURAnet, College Park, MD) 

FIX- West (NASA Ames) 

• Traffic increased 250% during past 12 months 
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4»IP 


J. Patrick Gary 
Science Network Office 
Code 930.6 

Goddard Space Flight Center 


March 31, 1992 


Presentation to the 

NASA Science Internet User Working Group (NSIUWG) Conference 


NASA Science Internet User Support Office 


Objective 

• Meet user needs for NSI information and applications 
services through the establishment and coordination of 
an effective set of Network Information Center (NIC) and 
network applications development efforts. 




• NIC Requirements Definition and Analysis 

• Network User Help Desk 

• Publications/Documentation 

• On-Line Services 


User Outreach 
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NASA Science Internet User Support Office 
NIC Requirements Definition and Analysis 


Objective 

• Collect and document NIC requirements In User Services Request (USR) form 

— Information services, e*., Yellow Page NSI Resource Guide 

— Application services, e-g., IP-OSI Interoperability Gateway 

• Identify existing or emerging products and applicable R&D efforts 

• Identify remaining resources needed to meet users’ requirements 


I JtTTTff w;Y77*rrim miinmiEl 


Drafted separate Information Service Request and Applications Service 
Request forms to facilitate: 

— Work planning 

— Progress/status reporting 

— Product documentation 

Reviewed Justification and prioritization factors with NSI’s Deputy PM, e.g., 

— Extent of user demand 

— Who and which sites will use this service and how often 

— Availability of t his service in other NICs 

— Maturity of the technology/products related to this service 


NASA Science Internet User Support Office 
Network User Help Desk 


Maintain 8 hr/day x 5 days/week NIC help desk with >90% live phone response 


• Respond to user requests 

— General network Information 
— Network uaer problem diagnosis 


— Referrals (e.gn to NSI NOC, other NICs) 

— User node configuration/ optimization 


• On-going Help Desk operations routinely handling approximately 20 Email 
requests and 10 phone requests per week; over 90% responses to Email by 
close of business next day 

• Assembling reference files covering a wide variety of topics (e.g., Internetwork 
mail, online resources, the NSI-DECnet node database, the NPSS, etc.) for use 
in day-to-day operations 

• Planned Help Desk improvements in NSI NIC-NOC coordination, cooperation 
and Information exchange 

• Initiated contact with NIC-related personnel at MSFC NPSS, Merit, NSFnet 
Network Service Center, SURAnet, THEnet, and other Help Desks as part of 
Inter-NIC liaison activities 

• Co-chairing IETF User Documentation Working Group with near-term 

goal of Improving internetworking bibliography \ 
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NASA Science Internet User Support Office 
Publications/Documentation 


Objective 

• Coordinate the development and distribution of quality documentation 




► Prepared several new mini-guides designed to assist network users in better 
understanding various network commands and in accessing numerous 
on-line services 

~ H<mtoAcc«. lh€ NSI Online Networ* Aide (NONA) 

— The NSI-DECNET Node Data Baac 

— Using Ute EAST Interoperability Gateway 

— Basic TCP/IP (Internet) Command! for DECnet/VMS Caen 

— Using the Pile Trancfer Protocol (FTP) 

fpr Determining the Source of Electronic Mall 

— The MacSecure Anti- Virus Tool Kit for Macintosh Computers 

Planned contents for a NSI New User Packet, e.g., 

— — What Is the NSI NIC, NOC, NSIUWG, ... 

“ k *" Glossary of bask networking terms 

— Internetworking bibliography — NSI Resource Guide 


^tailed and ^figured NSINIC VAX 3400 running VMS and NSISRV 
DECstatlon 5000/200 running ULTRIX as NSWedkated computers for 
hosting on-line USO services r 

Enhanced the NSI On-line Network Aide (NONA) system since its V1.0 release 

iS'ni* various menus/lnformatlonal files previously under construction 

— Added Hot News feature to top menu 

— Updated Electronic Mail Matrix Information; also added a "knowbot" to 
handle interactive user inquiries in this subject area 

— Upgraded the on-line problem reporter and comments subsystem 

— Designing and testing Version 2 of NONA 
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NASA Science Internet User Support Office 
On-Line Services (continued) 


Created the NSI File Cabinet and updated its informational holdings 

— Presently contains 39 directories, 1392 flies ^ _ __ ¥B7 

— Major directories are IMAGE, MAC, NSINIC, RFC, and SOFTWARE 

Created NSI DB as a replacement for the old SPAN_NIC Yellow Pages 
Continued approximately bi-monthly updates to the NSI-DECnet node data base 
Providing USENET News feed for several NSI-connected sites 
Created NSI Electronic Postal Facillty/POBOX capability 

— Maintains various mailing lists to send announcements and bulletins 

— Presently supporting the following groups: yTOO _ l4! _. 

• International Forum on the Scientific lJ»er* of Space Station (IFSUSS) 

. AAS High Energy Aj trophy sica Division (HEAD) 

• Applied Information Systems Research Program (AISRP) 

Developed IKI-N ASA Gateway system (now planned to be shut off) 


NASA Science Internet User Support Office 
User Outreach 


Objective 

• Present NSI capabilities and demonstrate network information and 
application services through active participation in user conferences, 
symposia, and Working Groups 




Provided significant planning for the annual NSI User Working Group 
Conferences 

Edited Proceedings of the Second Annual NSIUWG Conference, 

February 11-14, 1991 

Coordinated numerous arrangements for Third Annual NSIUWG 

Conference, March 30 - April 3, 1992 
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NASA Science Internet User Support Office 
User Outreach (continued) 


• Assisted in staffing the NSI booths at key scientific conferences, e.g., 

— December 7-11 AGU conference in San Francisco, CA 

— January 12-16 AAS conference in Atlanta, GA 

— March 16-20 LPSC conference In Houston, TX 

• Presented NSI User Support Services at various project working group 
meetings, e.g M 

— March 10-12 EOSDIS DAAC User Services Work Group Workshop 
in Sious Falls, SD 

• Provided network usage consultation and tutorials on NONA, the NSI File 
Cabinet, and several other on-line systems to over 800 NSI users 

• Establishing process of contacting user representatives at newly-connected 
NSI sites 


NASA Science Internet User Support Office 


At This Conference: 

— Discussion during Plenaries 

— Discussion during User Services Subgroup 

— Discussion during User Services Tutorial 

— Discussion at NSI NIC Exhibit Booth 

— Other... 

Anytime: 

— Call and/or Email and/or FAX Help Desk 

— Leave message in NONA comments/suggestion box 

— Other... 
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WHO YOU GONNA CALL? 


NSI Network Information Center 


Code 930.6 

Goddard Space Flight Center 
Greenbelt, MD 20771 

301-286-7251 

(FAX) 301-286-5152 

nsihelp@nic.nsi.nasa.gov 

nsinic::nsihelp 





NSI SECURITY 
Update 


RON TENCATI 
NSI SECURITY MANAGER 
March 31, 1992 
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NSI SECURITY UPDATE 


HACKERS ON NSI: 

HOW THEY GET IN; 

• DIAL IN VIA ROLM LINES 

• NPSS (X.25) 

• TCP/IP OR DECNET NETWORK (NSI) 

TYPICAL HACKER ACTIVITY; 

• TRY TO GUESS PASSWORDS 

• EXPLOIT GUEST ACCOUNTS THAT ALLOW OUT OUTBOUND ACCESS 

• SEARCH FOR WORLD-READABLE SYSTEM FILES . 

• USE NSl/OSSA SYSTEMS AS STAGING AREAS FOR FURTHER ATTACKS. 


NSI SECURITY UPDATE 


P.UBBENT VULNERABILITIE S BEING EXPLOITED 

• TFTP (Used If a node is a bool-server) 

Allows files lo be read/copied w/oul specifying a userid/password 

/etc/passwd 

• GAINING ROOT ACCESS VIA EXPLOITING BUGS. INSTALLING TROJAN HORSE 
BINARIES 

• TRIVIAL PASSWORDS 


DEFAULT ACCOUNTS AND V COMMANDS 



NSI SECURITY UPDATE 


IMPROVING OVERALL SECURITY 

• USE PASS-PHRASES 

• REQUIRE PASSWORDS ON ALL ACCOUNTS 

• ONE ACCOUNT PER USERNAME 

• GENERATE AUDIT TRAIL (ACCOUNTING) DATA - REVIEW DAILY 

• INSTALL PATCHES AS THEY BECOME AVAILABLE 

• RUN SECURITY TOOLKIT” SOFTWARE 

UNIX: "COPS" VMS: "SPAN TOOLKIT" 

• REPORT INCIDENTS WHEN THEY HAPPEN 

• Come to the Tutorials on Thursifai/l 


NSI SECURITY UPDATE 


INCIDENT HANDLING 

• DO NOI REPORT NASA INCIDENTS TO THE "CERT" 

• USERS SHOULD REPORT ANY ANOMALY TO THEIR SYSTEM ADMINISTRATOR 

• SYSTEM ADMINISTRATORS SHOULD REPORT ANY SECURITY INCIDENT TO THEIR 
DPI-CSO 

• IF INCIDENT INVOLVES AN EXTERNAL SITE, REPORT IT ALSO TO NSI-SECURITY 
OFFICE, SECURITY@NSINIC.GSFC.NASA.GOV 

• NSI SECURITY OFFICE ISSUES SECURITY BULLETINS TO NSI COMMUNITY VIA 
ROUTING CENTER MANAGERS AND NASA AIS CONTACTS 
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NSI SECURITY UPDATE 


4 ^ 

isugyv 

SECURITY ALERT DISTRIBUTION 


•NSI ROUTING CENTERS 

- ARC (Warren Van Camp. Milo Medln) 

- QSFC (Dave Stem, Jerome Bennett, Rick 

Dunbar) 

- JSC (Dan Anderson) 


- JPL (Sandy George. Joe Wledawek) 

- MSFC (Sam Ptzzano. Linda Porter) 

- ESOC (Paul Hughes) 

• KSC (Mark Juhr, Mark Mason) 


• OTHER NASA CONTACTS 


• SSC (Paula LeBlanc) 

• LeRC (Steve Praht) 

• LARC (Stave Deny) 

• HQ (Janet Keys, Russ Davis) 
- JTD (Rick Carr) 


• OTHER NETWORK/SECURITY CONTACTS 


- ESnet/DECnet (HEPnet) 
■ INFN (Italy) 

- ISAS/NASDA (Japan) 

. DAN (Canada) 

• RIKEN (Japan) 


- SPAN France 

- European SPAN 

- SDSC 

• DOE/CIAC 
- ESTEC 


- DARP A/CERT 

- FIRST (Inti CERT Group) 
• NSI-NOTlFY@NSIPO 


NSI Acceptable Use Policy 




SUMMARY: 

NSI supports m NASA science IKght missions, discipline research programs, and collaborating scientists at NASA 
Cantara and sleew h ere. 

NSI la not to ba uaad lor prtvat# gain or prollt. 


SPECIFIC; 

1) Uaa ol NSI mual ba In support ol 0 M 0 W NASA programs; a* uaar requests lor NSI connacSvdy muat ba vaRdatad 

and s u ppo rte d by cognizant OSSA DtecftpNne Chiefs. 

2) Usa ol NSI to support coordination and administrative execution ol OSSA research grants Is permissible; 

3) Use ol NSI to support NASA research, related training, and associated technical activities at non-prom Institutions 

of research and education Is acceptable. 


4) Use ol NSI lor commercial or IntoteduaJ gain by lorprom organisations Is not acceptable, unless those 

organizations an using NSI to satisfy specific NASA contract or grant requirements. 

5) Use ol NSI tor research or education at tor-profit instilutlona vrtfi ba reviewed on a case- b y -case basis to ensurs 

consistency with OSSA programs: lack ol program approval wM result In dfecomecaon. 

at Uaa ol NSI to aalo unauthorized use ol resources attached to NSI «• result In dtocomtecfion and legal 

prosecution? NSI wM make every attempt to Implement precautions to safeguard against unauthorized usa ol 
NASA computers, databases, and other attached lederal resources. 

7) Use ol NSI lor the Introduction ol worms, viruses, irojans, or other software which maficlousty Interferes with 
normal NSI operafions is unlawtU. 
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NSI Acceptable Use Policy 


KEY POINTS: 

• NSI * The Internet" 

• NSI Resources are for OSSA Support Only 

• OSSA/NSI Users enjoy full network access 

• Unauthorized use of NSI Is unlawful 

• Violators will be prosecuted 

NSI SECURITY UPDATE 



CONTINUING INITIATIVES 

o REVISED POLICIES 
o TOOLKITS (VMS & UNIX IN FY 92 ) 
o IMPROVED INCIDENT RESPONSE MECHANISM 
o EDUCATION 
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NSI Acceptable Use Policy 


SUMMARY: 

NSI supports sH NASA sdsnct Mght missions, discipline research programs, and collaborating scientists at NASA 
Csntsrs and eleeerhere. 

NSI Is not to bs ussd lor private gain or profit. 

SEEC1BC; 

1) Uss of NSI must bs In support of official NASA programs; aN user requests for NSI connectivity must bs validated 

and supported by cognizant OSSA Discipline Chiefs. 

2) Uss of NSI to support coordination and administrative execution of OSSA research grants Is permissible; 

3) Uss of NSI to support NASA research, related training, and associated technical activities at non-profit Institutions 

of research and education Is acceptable. 

4) Use of NSI for commercial or Intetiectual gain by for-profit organizations Is not acceptable, unless those 

organizations are using NSI to satisfy specific NASA contract or grant requirements. 

5) Use of NSI lor research or education at for-profit institutions will be reviewed on a case-by-case basis to ensure 

consistency with OSSA programs; lack of program approval will result In disconnection. 

6) Uss of NSI to gain unauthorized use of resources attached lo NSI will result In disconnection and legal 

prosecution. NSI will make every attempt to implement precautions lo saleguard against unauthorized use of 
NASA computers, databases, and other attached federal resources. 

7) Use ol NSI lor the Introduction of worms, viruses, trojans, or other software which maliciously interferes with 

normal NSI operations Is unlawful. 
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B. NSI User Projects Plenary 
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Upper Atmosphere Research Project (UARS) 
Project Update 


NSIUWG 
April I. 1992 


Daniel S. DeVito 
Cede 430 

UARS CDHF Manager 




Agenda 


1 Background 
-UARS 

- Ground System 

- MSI Support 

Lessons Learned 

- Performance 

- Engineering Support 
-Operations Support 

- Management 
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Background: UARS 


4ME 


• The UARS, deployed by Discovery on September 14, 1991, Is the first of 
a series of observatories to be launched as part of the "Mission to 
Planet Earth" program. 

• UARS carries nine complementary experiments performing three types 
of measurements as follows: 


Composition 

S. 

Temperature 


CLAES: Cryogenic Limb Array Etalon Spectrometer 

HALOE: Halogen Occultatlon Experiment 

I SAMS: Improved Stratospheric And Mesospheric Sounder 

MLS: Microwave Limb Sounder 


Winds 


HRDI: High Resolution Doppler Imager 

WINDII: Wind Imaging Interferometer 


T PEM: Particle Environment Monitor 

Energy Inpul I SOLSTICE: Solar/Stellar Irradlance Comparison Experiment 
L SUSIM: Solar Ultraviolet Spectral Irradlance Monitor 


Background: UARS (cont.) 


Urrt If 


The UARS Science Team consists of 20 Principal Investigators at various 
International locations: 


Principal Investigator 

" A E. Roache 
JM. Russell 

F. W. Taylor 
J.W. Waters 

Instrument PB Hayes 
Investigators 66 Shepherd 

J.D. Winn Ingham 

G. J. Rottman 

_ G.E. Brueckner 

“ DM. Cunnold 
M. Geller 
J. Gllle 
W.L. Grose 
Theoretical & J.R. Holton 
Collaborative J. London 
Investigators KJ. Miller 


Location Instrument 

LPARL; Palo Alto, Ca CLAES 

LaRC; Hampton, Va HALOE 

Oxford Unlv.; Oxford, England ISAMS 

JPL; Pasadena, Ca MLS 

Univ. Of Michigan; Ann Arbor, Ml HRDI 

York Unlv.; Toronto, Canada WHN)II 

SwRI; San Antonio, Tx PEM 

Unlv. of Colorado; Boulder, Co SOLSTICE 

NRL; Washington D.C. SUSIM 

Georgia Tech; Atlanta, Ga 


M. Geller 5UNY; Stony Brook, NY 

J. Gllle NCAR; Boulder, Co 

W.L. Grose LaRC; Hampton, Va 

J.R. Holton Unlv. of Washington; Seattle, Wa 

J. London Unlv. or Colorado; Boulder, Co 

A.J. Miller NOAA; Camp Springs, Md 

C. A. Rebcr (ProJ Scl) GSFC; Grccnbclt, Md 

A. O'Neill UKMO; Bracknell, England 

D. Wubbles LLNL; Livermore, Ca 


R.W. Zureck 


JPL; Pasadena, Ca 
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Background: Ground System 


• Instrument Investigator Teams provide dally science and activity plans to the 
Command Management System (CMS) based on planning aids. 

• The CMS provides command loads to the Payload Operations Control Center (POCC) 
which are subsequently uplinked to the observatory via the TDRSS. 

• Telemetry and Tracking data are downlinked to the Data Capture Facility (DCF) and 
Flight Dynamics Facility (FDF) via the TDRSS. 

• The DCF archives the telemetry data, reverses the data to time- Increasing order, 
removes redundant data, and decommutales and formats the data for transmission 
to CDHF. 

• The CDHF provides non-crltical mission support and data management functions: 

- Ingest UARS Level 0 data and correlative data 

- Process Level 0 data using Pi-provided software 

- Store UARS data products and correlative data 

- Provide access to UARS data products and correlative data to UARS science 
community via network communications (managed by NSI). 
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Background: UARS (cont.) 


• UARS mission lifetime 

Flight Operations 
Original Plan 1.5 years 

Current Plan 5 years 


Ground Data Processing Support 
2.5 years 
6/7 years 
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Background: 6round System (coot.) 


• UARS data available from the CDHF are: 

- Level 0: pre-processed telemetry 

- Level I: output of sensors (e.g., radiances) 

- Level 2: geophysical data (e.g.. ozone mixing ratio., at footprint of sensor) 

- Level 3 A: geophysical data transformed to a common format and 
Interpolated to equal time and latitude steps (approximately one-minute 
centers) 

- Level SB: latitude/ longitude maps on a dally basis at one-half height 
Intervals 

• Correlative data, supplied by Correlative Measurement Investigators (Oils) via 
Pis. are available from the CDHF. 


Background: NSI Support 

• Engineer, reliable. DECnet connectivity between the CDHF and RACs 

• Analyze external network reconfigurations and Technology advancements for Impact 
to the "UARSnet* * (eg DECnet Phase V) 

• Provide a minimum bandwidth equivalent to a 56 kbps dedicated circuit between the 
CDHF and each RAC 

• Provide around the clock monitoring of all communication links 

• Perform trend analysis on network links to monitor shared line utilization and trace 
reliability, maintainability, and availability (RMA) of the "UARSnet" 

• Report all line outages Impacting the "UARSnet" and associated resolutions to CDHF 
operations and Project personnel 

• Provide utilization statistics for each "UARSnet" link 


• Present NSI status at the UARS Data Systems Working 6roup Meetings (DSWGs) and 
Systems Managers Meetings (SMMs) 
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CDHF and UARSnet (Primary Circuits) 
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Lessons Learned: Performance 


• Losses and subsequent acquisitions of communication links Impacting CDHF/RAC 
connectivity are reported by the MSI Network Operations Center (NOC) to LIARS operations 
and Project personnel via e-mail. Each loss and gain of a link to a RAC Is termed m 
"even l*. 

• Events are categorized by cause as rollows: 

- Line: outages caused by failure or planned maintenance outside the control or the 
RAC site 

- RAC: outage caused by ra I lure or planned maintenance of RAC site 

" Unknown: outage reported by the NSI NOC but without sufficient Information to 
determine cause 

• E-mail messages from the NSI NOC were saved by the UARS Project for a period of 17 
months (10/90-2/92) to use as a basis for trend analysis or the UARSnet performance. 
During the 17 months: 

- Over 1500 mall messages were sent to UARS by the NSI NOC concerning events 

- 731 events were recorded 

- Over 14* or all events were not completely reported by the NSI NOC and therefore 
are not used In the following performance statistics 
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Lessons Learned: Performance 
UARSnet Event Statistics 


NCAR 
NO A A 
LPARL 
SUNY 
6a. Tech 
LaRC 
LPARL 
JPL 

Oxford U. 
SwRI 
U of filch 
NRL 

U of Wash. 
U of Colo 
York U 
CNES 


Boulder, Co 
Camp Springs, rid 
Palo Alto, Ca 
Stony Brook, NY 
Atlanta, 6a 
Hampton, Va 
Palo Alto, Ca 
Pasadena, Ca 
Oxford, England 
San Antonio, Tx 
Aim Arbor, Ml 
Washington D.C. 
Seattle, Wa 
Boulder, Co 
Toronto, Canada 
Toulouse, France 


Circuit Type 


T I (Shared) 

56 kbps (Dedicated) 
T I (Shared) 

T I (Shared) 

T I (Shared) 

56 kbps (Dedicated) 
56 kbps (Dedicated) 
72B Kbps (Shared) 
56 kbps (Dedicated) 
56 kbps (Dedicated) 
T I (Shared) 

T I (Shared) 

T I (Shared) 

T I (Shared) 

56 kbps (Dedicated) 
56 kbps (Dedicated) 


Number of Events 
Unknown RAC Total 
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Lessons Learned: Operations Support 


• The MSI HOC needs to standardize "event" mall messages for easier tracking and to 
support trend analysis. 

• Communication between the NSI NOC, CDHF/RAC Systems Managers, and Network 
Affiliates (eg PSCN. NSFnet) needs to Improve In order to achieve accurate problem 
tracking and timely resolution of connectivity problems. 

o The frequency of partially reported 'events* has steadily ImprovedL 
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Lessons Learned: Engineering Support 


NSIO engineering support has always been outstanding when directly applied to a UARSnet 
task. 

NSIO often has difficulty providing engineering support for the UARSnet In a timely 
manner. 

The UARS Project has not seen trend analysis performed as originally advertised by NSIO. 
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Lessons Learned: Management 


• The UARS Project underestimated the effort required to coordinate with NSIO on 
networking Issues. 

o The NSIO underestimated the effort required to design. Implement, and manage the 
UARSnet. 

o NSIO has become more realistic In advertising services and task completion dates. 


• NSIO Management response to UARS Project concerns was Inadequate. The appointment of 
a Project Coordinator by NSI has greatly Improved NSIO/UARS Project 
communication. 
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Production requirements and funding 
preclude the inclusion of Dr, Clarke’s 
original color reproductions of Galileo 
images and maps. 
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THE SECOND EARTH ENCOUNTER 
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HISTORICAL PERSPECTIVE 
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• REAL-TIME DISPLAY CAPABILITY REPLACES PRINTOUTS 

"TARGETS OF OPPORTUNITY" ENCOUNTERS ON WAY TO JUPITER 
PROVIDE OPPORTUNITIES TO TEST EVOLVING SCIENCE DATA SYSTEM 
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56 KBPS NETWORK, MOSTLY 
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• ASYMMETRIES DISCOVERED AND FIXES ADDRESSED 
TIMELY COMMUNICATIONS WITH NSI PROJECT OFFICE ENSURE 
UNINTERRUPTED SERVICE DURING ENCOUNTERS 
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<S>aCif<20 

THE EUROPEAN NETWORK CONNECTIONS 
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LANDOVER.l ARGOS CNES- 

MARYLAND J UNK 64 KBPS l TOULOUSE 
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France/Toulouse (CNESTA) 

Send: 1.9 kbps Receive: 2.9 kbps 
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SCIENCE DATA SYSTEM LOCAL AREA NETWORK 
INTERCONNECT AND INTERFACE TO THE NSI 
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SPACE FLIGHT OPERATIONS CENTER 
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LOCATION: 264-780/719 
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SPICE - A BRIEF DESCRIPTION 
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SPICE SYSTEM DATA FLOW 
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FEED BACK INTO GENERATION PROCESS 
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SFOC, MIPL 

SSI, NIMS, U VS, RS DETAIL CATALOGS BY SCIENCE TEAMS, WITH 
METADATA LINKS TO GSC 













AS RUN SEQUENCE FLOW DIAGRAM 



no 










(Safifco 


X 

H 

X 

< 

X 

H 

< 

m 

X 

> 


tu 


C 2 
H X 

u 


CQ 

o 

X 

u 

z 

w 

HN 

u 

in 

X 

< 

z 

X 

X 


a 

tu 

b 

< 

tu S 
d 2 

O ' 5 

z H 

X d 
g Z 

£o 

tU H 

Q < 

K N 
oo « .* 
OS OS £2 

< S Z 
& w 
< 2 
OS X 

< £ 
X E- 

U £ 
sc J 5 

[rSg 

tt- t- s 

O CJ co 

tu tu z 

rn Cu CU 

< £ 1/2 

OJHg 
m J r 

> X O 

oss 


OS 


u 
o z 


tu 

a: 


z < J 

£ Z < 

z o , 

tu g s> 

tu 55 g 
b o 2 

O &- Q 
SSQ 
tu o z 

as U < 


as 

o 

tu 

oo 

< 

IU 

DC 

< 

z 

£ 

o 

z 

* 

tu 

Q 

oo 

os 

< 

tu 

z 

as 

< 

z 

X 

J 

tu 

O 

tu 

o 

< 

as 

tu 

> 

o 

u 

o 

z 

co 

z 

tu 

oo 

tu 

b 

O 


00 

b 

Z 

tu 

£ 

X 

as 

b 

oo 

Z 

o 

z 

I— « 

co 

z 

tu 

oo 

tu 

b 

O 

S 

tu 

as 

x 

x 

< 


g 


z 

o 

b 

< 

as 

CQ 

X 

< 

U 


§ 


P 

o 
as S 
O 

tu - 

Z <"J 
O J 

►— I •<£ 

a , 
z 

as § 

5< 

o a 

CU OS 
X tU 
p b 

DC y 

o < 

^ DC 
^ < 

« = 

2 " 

3< 

o C 
cu cu 

O CL| 

<c 
as b 

tu d oo 

> 2 b 

O S 2 
WqW 
g z § 

§ 5 as 
£ z b 

Z o oo 

tu ~ z 

w h S 

tu So a 
b O Z 

CU 

s 

S ' O „ 
tj oo 


O 


00 

Z 

tu 


o 

z 

oo 

co 

< 

O 

b 

X 

O 

T 

« 

o 

o 

x“ 

as 

2 

O 

z 

u 

as 

< 

tu 

co 

as 

Q 

a 

g 

x 

as 

< 

Z 

X 

X 

as 

Q CO 

b 

X Z 

2 co- 
os > 
CQ X 


Z 

o 


co 

O 

cu 

Q 

Z 

< 

X 

b 

a 

z 

tu 

X 

tu 

> 

< 

£ 

oo 

> 

co 

co 

tu 

Z 

b 

X 

O 

DC 

CQ 

U 


s 

o 

Q 

§ 

X 

co 

< 

tu 

S 


in 


ON THE LUNAR DISK - PPR AND NIMS 




CO 

E- 

Z 

w 

W Ei. 

O 
3 co 
^ Z 

< o 
ffl — 

s ^ 

d > 

5 o£ oc 

F wcu 

tJS 0 : 

go« 

CO x = 

QhZ 

< ^So 

;z w 
z o ■ 

E— q£ 

^<5 

r=} 0- H 
m O r 

£ u < 

^ o z 

<£S> 

k £ o 
ipo 

D S< 
E co 
H ac Q 
QHo 
Zosg 
D<E 
0“h 
oi u. co 

oo< 


co ^ 
> 2 


9 o 

w e« 


tU co 
H CQ 

^ O 

2 < 

■< r/. 


112 


• EARTH/MOON MOVIE, MOON PASSING EARTH (C/A + 8D T 6 8D14H) - SSI 

• DETECT SIGNS OF LIFE ON EARTH (VEGETABLE, ANIMAL, INTELLIGENT) - 
SSI, PWS 
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ADDITIONAL SCIENCE OBJECTIVES AT EARTH2 
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LIGHTSIDE (LOW PHASE ANGLE) DEPARTURE 
CLOSING RATE ~ 750,000 KM/DAY 

SUN POINTED SPACECRAFT REQUIRES USE OF LOW GAIN ANTENNAS 



LUNAR ORBIT TRAVERSE AT EGA2 
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Ret: Louis Frank, Presented al Galileo Earth/Moon Science Workshop, 5/10/68 



LUNAR ENCOUNTER GEOMETRY AT 
EGA2 FOR 10/18/89 INJECTION 
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CLOSEST APPROACH ALTITUDE: 100,000 km 










S.C S?Hi'gptr.«ph/E2PLN-1 10791. t 

=EaiAPSIS:92-343/1 5 :1 0:23 

START:ECA 92-343/1 5:09:24.816 .0/00:15:10 

ACTIVITY :tran DESC9IP:ANDES MOSAIC 
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EARTH 2: C/A +2 DAYS 
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EfiRTH 2: C/P +2 DPYS, 17 HOURS 
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AOd 



EARTH 2: C/A +3 DAYS 
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C. Network Information/User Services 

Plenary 


FRfitSfciv* 1 * 
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Internet Information 
Servers 


NASA Science Internet 
Users Working Group 
Conference 


30 March - 3 April 1992 


Joyce K. Reynolds 
Information Sciences Institute 
University of Southern California 
Marina del Rey, California 

USA 
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Overview Information Servers/ 
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McGill University 
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Developed by CNRI 
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World Wide Web World Wide Web 
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X.500/Whitp Paws 


Peter Yee/ARC 
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Internet Documentatio n for USERS fYI RFCs (cont.) 

(not WIZARDS!!: 

FYI 4: “FYI on Questions and Answers: Answers to 
FVT II F Cs Commonly asked “New Internet User” 
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“Choosing a Name for Your Computer**, 
1990. 
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publication 


RFCs & FYIs The RFC Info Service 
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Sweden, Germany, France, 
Netherlands, Finland, Norway, 
Denmark, Australia, Pacific Rim 
and the United States 


Notable NICs M mw ^ fPPWI 

Network Information Center 
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SRI Net work Information Mail Sprw>rc 

Systems Center 

RFC-Info 

Provides network tools and 
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(415) 859-6028 (FAX) 
and via electronic mail 
to: nisc@nisc.sri.com 
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Request: End 
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What’s an X.500? 


• Service description 

• How it works 

• Directory Service Standards Bodies 

• Directory Service Standards 

• Implementations 

• Directory Service Pilots 


Directory Service Standards Bodies 


• CGTT/ISO are joint issuers of X.500. 

• NIST - mandating use of X500 in GOSIP Version 3. 

• OIW - designing profiles for real world use of the directory. 

• NADF - working on making X.500 a commercial reality. 

• IETF - targeting directories on the Internet and solving 
operational issues. 
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How it works 


• X500 Model 

• User's Perception 

• Application of X500 


Ym. N+wm l S 
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X .500 Model 

X.500 service is made of two parts: 

• DUA (Directory User Agent - a client) 

• DSA (Directory System Agent - a server) 
and it uses two protocols: 

• DAP (Directory Access Protocol) 

• DSP (Directory System Protocol) 
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X.500 Model 


Directory System Agent 
Directory User Agent 
Directory Access Protocol 
Directory System Protocol 
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Applications of X.500 


White Pages 

• A large telephone book 

• Inexact matching 

• Searching 




Applications of X.500 


Resource Location and Naming Services 

• Locate computers, peripherals, and services. 

• Translate human understandable names into 
machine identifiers (like the Internet DNS). 
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Implementations 


Commercial: 

• Retix, OSIWare, Unisys, and even Novell 
Non-Commercial: 

• QUIPU, Custos, Pizarro 


* MTV 2H-1M 


QUIPU 


• 

Major directory research platform capable of running 


on many UNIX systems. 

• 

Basis for some commercial products. 

• 

Widely used and well-tested. 

• 

Directory Service Agent CDS A) 

• 

Supports 1968 Standards 

• 

Low initial cost 

• 

L. 

Requires ISODE 
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Fielding Operational X.500 (FOX) 


• Jointly funded by DARPA, NSF, DOE and NASA. 

• Testing interoperability of QUIPU and NISTs 
Custos implementation of X500. 

• Merit developed object identifiers to store the 
Internet network infrastructure information in 
X-500. 

• SRI developed an X500 version of the WHOIS 
database. 

• PSI has created an index into the RFC/FYI document 
series and applications to locate and retrieve RFCs 
with X.500. 


woiDii.h> 


Performance Systems International (PSI) 
White Pages Pilot (WPP) 


• Manages the US Directory Information Tree of the 
X500 world pilot 

• 73 organizations 

• Uses the QUIPU implementation of X.500. 

• 300,000 entries 
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Internet Pilot 


Encompasses the PSI WPP and Paradise, 
plus several other countries. 

A major source of directory research and experience. 
Testbed for Internet RFCs and experimentation. 
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NASA Pilot 


• Servers running at ARC, GSFC,JPL, LeRC, and MSFC. 

• Proxy service provided for DFRF, JSC, KSC, and LaRC. 

• Hope to have HQ join the pilot and move proxy 
servers to respective centers. 

• Approximately 50,000 entries available. 


V. 
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How to populate QUIPU Entry Data Block 
(EDB)? 


• Civil Servant information is from NASA 
Personnel and Payroll System (NPPS). 

• Contractor information is from other 
applications on the same IBM Mainframe. 

• Additional information is not centralized 
(i.e. electronic mail address). 


, - r 1 1 1| frp - * Ml- 2JJ-1I 
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Existing Method for Creation of Directory 
Entries 


Malnframa 

Summary 

Information 


* Additional information cannot be stored on 
mainframe. 

• Additional information would not be stored in 
EDB because they would be lost after each EDB 
creation. 


hfl W aHI 
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New Method for creation of Directory 
Entries 


Mainframe 

Summary 

Information 



Add, Change, 
A Aam a w 


• Relational Database becomes centralized 
master for additional directory information. 

• Relational database can be modified to accept 
other data feeds. 




X.500 Development 


• Beta tester for QU1PU and ISODE software. 

• Created Macintosh DU A called MacDish. 

• Working in IETF, IEEE, and ANSI on X.500 standards, 
profiles, and additions. 
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Directory User Agents 


Terminal 


• Dish - Provides a very powerful interface into the 

Directory and gives a user full access to the 
Directory Access Protocol (DAP). 

• Can be used to build custom interfaces, 
which are easier and more intuitive. 

• Fred - A DUA optimized for White Pages queries. 

- Can make complex searches, and compose 
mail addresses using the MH mail. 

• SD - Screen Directory 

- Screen oriented interface 
with the same functionality as POD. 

• DE - Directory Enquires 


tCmfMIUIMI 


Directory User Agents 


X-Windows 


- X white pages. X-Windows interface. 

- Supports user-friendly naming. 


• Pod - X windows. Intended for naive users. 

- Click on buttons to pop up windows 
with more Directory Information. 

• XDI - Advanced version of POD from Bellcore. 

• XT-DUA - Commercial DUA from X-Tel. Motif-based 

user interface. 
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Directory User Agents 


• MacDish - NASA/ Ames Research Center 

• maX500 - University of Michigan (RPC 1249) 

• PSIWP - Performance Systems International, Mac 

(RPC 1202) 

•PCWP - Performance Systems International, PC 
(RPC 1202) 
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Directory Service Issues 


• Standard is still evolving (X500 1992) 

• PC/MAC User Agents 

• Vendor support and commitment 

• User demand 





Current Status 


• ICCN/S recommends an engineering operations 
test period at (at least) 3 sites (Ames and two 
sites TBD). 

• Continue to search for more DUA's. 

• NAS purchased a machine to serve as Ames D5A 


¥1 


Recommendations 


• Determine level of support needed at each Center 
for a fully operational DSA, based on experiences 
from engineering operations test 

• Coordinate with personnel and payroll groups 
at each Center to obtain data for Center’s DSA. 

• Provide a mechanism for retrieving directory 
information via electronic mail. 

• Work within ISODE Consortium to have QUIPU 
tested for XJOO/GOSIP compliance. 
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D . Network Communications Technology 

Plenary 
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NASA SCIENCE INTERNET 
USERS WORKING GROUP 
CONFERENCE 

APRIL 2, 1992 

"INTERNET FORECAST" 

Vint Cerf 

Corporation for 
National Research Initiatives 
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©mmmw 

■s* Scaling 
^ Speed 
Services 
■®* Constituents 
Applications 
Service Providers 
Government Roles 
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THE SCALING CHALLENGE 


© Internet doubles every 7-12 months 
® Running out of routing power 
® Running out of Address Space 

© We need to support a BILLION 
networks 

® (see above) 

V Must deploy incrementally 
© Must deploy IN TIME! 
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MORE SCALING CHALLENGES 


!! We need more capacity 


NSFNET Packet Traffic History 


February 1 992. 

13 4 billion packets* 


Jan 


O Mint Network. Inc.. 1992 



'Total packets, T1 and T3 
networks 


Sep Nov 


July 1988. NSFNET begins 
■ operation under Merit's 
management 
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packets in millions 



Co-Chairs: Phill Gross/ANS 

Peter Ford/LANL 

✓ IAB Charter 

(Architecture Retreats) 

0 Their 4 month mission: 

To boldly go where no routing 
and addressing architecture has 
ever gone before! 

✓ March 92 IETF Report 

✓ Various Working Group Spinoffs 
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ROUTING 


Kg“ ISSUE 

■ IS-IS for CLNP 
OSPF for IP 
Dual IS-IS/Proto. 

■ Border Gateway Protocol 4 
(Masking/CIDR) 

■ Internet Domain Routing 
Protocol (IDRP) for IP/CIDR 

■ Address Assignment Issues 

■ Internet Domain Policy 
Routing (IDPR) 

Route Servers 
Policy Routing 
TOS/QOS Routing 
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SERVICES 

Network Services 

Frame Relay (56, DS1, DS3?) 

SMDS/DQDB (56, DS1, DS3, 
OC3, OC12...?) 

ATM (DS3, 0C3, OC12, OC24, 
OC48,...) 

PLAnet (IBM) 

All Optical (1G, 10G, 20G, IT,...) 

Transmission Services 

HiPPI/SONET (OC3, OC12,...) 
[800M, 1600M] 


All Optical? 



SERVICES (2) 


Real-Time Voice/Video 

QOS Resource Management 

Mobility Support 

Mobile Hosts (LAN Reconnect, 
Cellular/PCN, Satellite) 

Mobile Nets (cars, planes) 

Ubiquitous Computing 
(tabs, boards, pads) 



CONSTITUENTS 


■ CS/EE » R&D » Universities » 

Military » Government » 
Industry » K-1 2/Libraries » 
Residential 

[Home Lans are HERE!] 

■ US/North America » EUROPE » 

Pacific Rim » East. Europe » 
Latin America » Mideast » CIS 
» Africa 
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APPLICATIONS 


■ Telnet, X-Windows, V-Reality 

■ EMAIL, Comm’l EMAIL, PEM, 

Info Services, EDI, 

Electronic Commerce 

■ FTP, Anonymous FTP, archie, 

gopher, Knowbot Programs, 
WAIS, digital libraries, 
electronic publishing 

■ Talk, Internet Relay Chat, 

shared windows/blackboard, 
video-conferencing, collab- 
oration technologies 

■ Distributed Laboratories, Tele- 

presence 

car D^\[N][D)WQ[Q)ir[n] [n]@(Di> Nightmare! 
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SERVICE PROVIDERS 


■ Government Private Nets 
(NSINET, DARTNET, ESNET, 
NSFNET, MILNET,...) 

■ Special Value-Added Nets 
(ANSNET, ALTERNET, PSINET, 
SURANET, CERFNET, JVNCNET 
LOS NETTOS, BARRNET, 
SESQUINET, PREPNET, 
NEARNET, EBONE, NORDUNET 
DFN, WIDE, AARNET,...) 

■ Public Carrier Nets 

(RBOC Frame Relay/SMDS Svc, 
IXC FR/SMDS, INFONET, 
SWIPNET, UK PIPEX, 
SPRINTLINK, ...) 
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ELAStil 


Amendment to HR2936 

Science Subcommittee (Boucher, VA): 

Sec 3 of NSF Act of 1950 amended: 

(g) ...the Foundation is authorized to 
foster and support the development 
and use of computer networks which 
may be used substantially for 
purposes in addition to research and 
education in the sciences and 
engineering, if the additional uses will 
tend to increase the overall 
capabilities of the networks to sup port 
such research and education 

activities . 

[Full S&T Committee Markup 4/2/92] 
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NASA & NREN 


Tony Villasenor 

Program Manager, NASA Science Internet 
Milo Medin 

Deputy Project Manager, NASA Science Internet 


OFFICE OF SPACE SCIENCE AND APPLICATIONS 

NASA 
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OFFICE OF THE PRESIDENT 


Office of Science and Technology Policy 


Federal Coordinating Council on 
Science, Engineering and Technology 


Committee on Physical, Mathematical, and Engineering Sciences 


High Performance Computing, Communications, 
and Information Technology Subcommittee 


High Performance Computing & Communications Program 


FEDERAL NETWORK COUNCIL 


policy research security education 

WORKING WORKING WORKING WORKING 

GROUP GROUP GROUP GROUP 



President's Program: NREN Perspective 


NREN is a national high speed network to provide distributed 
computing capability to research and educational institutions 
and to further advanced research on very high speed 
networks and applications. 

NREN is a network for research and education, not general 
purpose communications. 

The NREN builds on NSFNET, ESNET, NSI and other networks 
supporting research and education. During 1992, the NREN 
will accelerate the introduction of commercial 45 megabit 
transmission technologies and services into operational use, 
including SMDS. 


Also: OSTP Press Briefing, January 30, 1992: 

The NREN is a high performance technology testbed for 
research and education, not for commercial use. 
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President's Program: NREN Activities 


Assist upgrades of regional & community of interest networks 
where appropriate, especially where these upgrades enhance 
end-to-end reliability 

Produce improved user-level tools to enable scientists & 
educators to take advantage of the NREN's capabilities. 

Refine the understanding of requirements for high capability 
networks: bandwidth, latency, predictability & stability. 

Improve the technologies necessary for policy controls, resource 
allocation, fair sharing, accounting, security, peering, and routing 
coordination. Integrate commercial services fully and 
interconnect to other relevant networks. 

Provide for a network information service that acts as a primary 
source of information on access to and use of NREN. 

Enhance the current interconnected multi-agency architecture to 
provide for the interoperability of Federal and non-Federal 
networks, to the extent appropriate, in a way that allows for the 
autonomy of each network component. 


NSI - NASA Scicnca Internet 


President's Program: NASA & NREN 


Goal: to accelerate the development and application of high 
performance computing technologies to meet NASA 
science and engineering requirements. 

NASA's pfogram will bring together interdisciplinary teams of 
computer and computational scientists to develop the 
[ , ® c ®s sary technologies within two vertically integrated 
NASA grand challenge projects that are unique to the NASA 
mission. These technologies include applications 
algorithms and programs, systems software, peripherals, 
networking, and the actual high performance computing 
hardware. NASA will develop a suite of software tools to 
enhance productivity, including load balancing tools, run 
time optimizers, monitors, parallelization tools, as well as 
data management and visualization tools. 

NASA will provide high-speed network connections among 
NASA, industry and academic researchers. 
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HPCC Act, Section 101 (2) 


(2) The Program Shall: 

(A) Provide for the aatabllshnnent of policies for managamanf and access to the NREN; 

(B) Provide for oversight of the operation and evolution of the NREN; 

(C) Promote connectivity among computer networks of Federal agencies and 
departments; 

(D) Provide for efforts to increase software availability, productivity, capability, 
portability, and reliability; 

(E) Provide for Improved dissemination of Federal agency data and electronic 
information; 

(F) Provide for acceleration of the development of high performance computing systems, 
subsystems, and associated software.; 

(G) Provide for the technical support and R&D of high performance computing software 
& hardware needed to address Grand Challenges; 

(H) Provide tor educating and training additional undergraduate & graduate students In 
software engineering, computer science, library & information science, and 
computational science; and 

m Provide for the security requirements, policies, and standards necessary to protect 
Federal research computer networks and Information resources accessible through 
Federal research computer networks, Including research required to establish 
security standards for high-performance computing systems and networks; 



HPCC Act, Section 102. NREN 


NSF, DOD, DOE, DOC, NIST, NASA, etc. shall support the 
establishment of the NREN, portions of which shall, to the extent 
technically feasible, be capable of transmitting data at one gigabit per 
second or grater by 1996. The NREN shall provide for the linkage of 
research and education institutions, government, and industry in 
every state. 

Federal agencies shall work with private network service providers, 
state and local agencies, libraries, educational institutions, etc. to 
ensure that researchers, educators, and students have access to 
NREN. NREN Is to provide users with appropriate access to 
high-performance computing systems, electronic Information 
resources, other research facilities, and libraries. 
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HPCC Act, Section 102. NREN 


(c) NREN characteristics. The NREN shall 

1. . be developed & deployed with the computer, telecommunications, and Information Industries; 

2. be designed, developed, and operated in collaboration with potential users In government, Industry, 
and research ft educational Institutions; 

3. be designed, developed, and operated In a manner which fosters A maintains compaction and 
private sector Investment In high speed data networking within the telecommunications Industry; 

4. be designed, developed, and operated In a manner which promotes RAD leading to davalopmant of 
commarclai standards that will encourage establishment of privately operated high speed 
commercial networks; 

5. be designed end operated to ensure the continued application of laws that provlda network end 
Information resources security measures, inch those that protect copyright and other Intellectual 
property rights, and those that control access to data bases and protect national security; 

6. have accounting mechanisms which allow users to be charged for their usage of copyrighted 
materials available over the NREN, and lor their use of NREN where appropriate A feasible; 

7. ensure tha Interoperability of Fadarai and non-Fadarai computer networks, to the extent appropriate, 
In a way that allows autonomy for each component network; 

8. be developed by purchasing standard commarclai transmission and network services from vendors 
whenevsr feasible, end by contracting tor customized services when not feasible, In order to 
minimize Federal Investment In network hardware; 

9. support research A development of networking software A hardware; 

10. serve as e testbed for further RAD of high capacity end high speed networks 


NSt - NASA Science Internet 8 


HPCC Act, Section 102. NREN 


(e) Information services. The Director of OSTP shall assist the President in 
coordinating the activities of appropriate agencies and departments to promote the 
development of information services that could be provided over the NREN. These 
services may include the provision of directories of the users and services on 
computer networks, data bases of unclassified Federal scientific data, training of 
users of data bases and networks, access to commercial information services for 
NREN users, and technology to support computer-based collaboration that allows 
researchers and educators around the Nation to share Information and 
instrumentation. 

(g) The OSTP Director shall report to Congress on: 

1. effective mechanisms for providing operating funds for the maintenance and use of 
the NREN, including user fees, industry support, and continued Federal Investment; 

2. the future operation and evolution of the NREN 

3. how commercial information service providers could be charged for access to NREN, 
and how NREN users could be charged for such commercial information services; 

4. the technological feasibility of allowing commercial information services providers to 
use the NREN and other federally funded research networks; 

5. how to protect the copyrights of material distributed over the NREN; and 

6. appropriate policies to ensure the security of resources available on the NREN and to 
protect the privacy of users of networks. 


MSI - NASA Science Internet 9 
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NREN GOALS 


Priority: 


1) Implement high performance network services and systems to 
support the networking needs of the HPCC program; 


2) Enhance and expand, as required, existing regional research 
and education networks in order to provide appropriate access 
to HPCC sites and collaborators, and to HPCC networked 
resources; 


3) Provide for a smooth and economical transition to the gigabit 
NREN; and 


4) Provide for NREN access and use by the broader education 
(e.g. elementary, secondary, and higher) community and by 
libraries. 
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APPROACH 



EXISTING 

FEDERAL 

INTERNET 

► 

INTERAGENCY 

INTERIM 

NREN 

► | NREN | 

Agency Nets 
Regionals 


NSFnet Extension Gigabits! 

DARPA R&D 

Campus Nets 

Agency (NSI) Upgrades 
Regionals Upgrades 
Education Access 


NSI - NASA Sctone* 1 1 
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FNC Organization 
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EOWG Coordination Activites 


Coordinate plans and actlvltlas for the existing federal Internet systems to maintain 
stability, reliability, and uniform high quality of service. 

. Review agency operations and engineering activities to assess their effectiveness 

. Arbitrate routing issues for the federal domestic and collaborating International 
networks that are part of or connect to the Federal Internet 

. Maintain working relationships with commercial product & service providers 

Coordinate the NREN Implementations of the HPCC agencies: 

. Review & assess NREN architecture options and Implications 

. Provide recommendations to move from the current Internet to the NREN 

. Analyze NREN requirements from HPCC agencies, with due conslderbtlon of other 
agencies as well as the broader research and education community 

• Identify policy Implications of technical alternatives 

• Assist In documenting NREN status to HPCC Management 


NSt - NASA Science Internet 



NSt - NASA Science Internet 
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Industry-University-Government 
High Speed Network 
Research Testbeds 


MIT, U Penn, 
Bellcore, IBM, 
Bell Atlantic, 
MCI, NVNEX 


CMU. PSC, 

NRL, Bell Atlantic 


SOSC. Cal Tech.Los Alamos, 
MCI, Pacific Telesys. US West 


UNC. MCNC, 
Be« South. GTE 


Hole: see special report on -GIGABIT NETWORK TESTS EDS’. COMPUTER, 
V 23 N.9, September, 1990, IEEE Computer Society. Los AJamitos CA 90720 


NASA PERSPECTIVE 


NASA'S NREN 

• Funded by HPCC to provide investigator access to/between 
Grand Challange facilities 

• Represents less than 10% of overall NASA HPCC budget 

• Primary role Is to support HPCC! 

REQUIREMENTS 

• T3+ class service between 5 NASA HPCC Centers 

• T1+ class service to ~ 100 Principal Investigators 


NATIONAL CONTEXT 

• NASA must coordinate NREN with other HPCC agencies 

• NASA needs high performance national network infrastructure 

• NASA supports U.S. science education and research 


NSt - NASA Sdanoa Internal 
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NASA Approach 


T3 SERVICE BETWEEN NASA CENTERS 

• Provided by SMDS switching fabric 

• Used wherever high performance access is required 

• Provides access to existing NASA networks with HPCC users 

• Leverages on TELCO investments & directions 

Tl SERVICE TO NASA INVESTIGATORS 

• Assumes investigators at sites already connected (i.e., NSFNET) 

• No NASA funds for point-to-point Tl ’s 

• Use T3 to NSFnet for aggregated Tl requirements 

• NSFnet access via FIX'S, after upgrade to FDDI 


NSI • NASA Sckmc* Internet 


Current Telecommunications Infrastructure 


DEDICATED POINT-TO-POINT LEASED LINES 

• Local loop provided by Local Exchange Carriers (LEC’s) 

• Long haul provided by Inter-eXchange Carriers (IXC's) 

• No customer switching equipment at TelCo central offices 

• Possibility of link failure requires redundancy 

• Dedicated to single user use (and billing!) 

• Limited bandwidths available (9.6, 56, 1544 kbps, etc...) 

‘ (iT. PSC , (fcOMM) ne ' WOrk monl,orln 9 >"<■ diagnostics 

• Routers at user sites perform packet switching 

- LAN interfaces (e.g., Ethernet, FDDI, etc.) 

- WAN interfaces (e.g., serial sync lines using V.35, etc.) 

- Switch packets from serai line to serial line or LAN 

- Provide network layer routing 
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FAST PACKET TECHNOLOGY 


USER SITE CONNECTS TO TELCO "CLOUD” 

• Single access to TelCo local loop infrastructure 

• Telco provides internal cloud redundancy 

• Telco packet equipment switches link to link 

• Multiple access rates (SMDS @ 1.5, 4, 10, 16, 34 ... Mbps) 

• Protocol independent switching at high speed 

• Telco provides packet monitoring and diagnostics 

• Telco provides service • not links and hardware 

ROUTERS INTERFACE SITE TO "CLOUD” 

• Routers switch packets only between LAN and Telco 
’cloud* - Telco's do high performance switching, and 
allow routers to do more control! 

• Routers still perform network layer routing 



FRAME RELAY 


ANSI 1.122 & Q.931 

• Designed for 56 -1544 Kbps access 

• Private addressing scheme (i.e., DLCI) 

• Connection oriented 

• Each station must be configured with "link" to neighbors 

• No multicast capability 

• Internally carried as variable length HDLC frames 

• Available from carriers now 

• Easy to build router interface hardware 
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Switched Multimegabit Data Service 


SMDS (Bellcore specification) 

• Designed for 1.5-155 Mbps (extensible to 622 Mbps) 

• Public addressing standard (E.164 - phone numbers!) 

• Connectionless datagram protocol 

• Neighbors can be configured as Virtual Private Net (VPN) 

• Multicast supported inside the VPN 

• Internally carried as 53 byte fixed length cells 

• Available from some LEC's now at 1.5 Mbps 

• Router interfaces more sophisticated (IEEE 802.6) 

• Preferred by most LEC’s and IXC's for service interface 

• Requires SONET at 155 Mbps (STS-3c) and above 



Asychronous Transfer Mode 


ANSI T1S1 Group 

• Designed for use at 155 Mbps and above (requires SONET) 

• 53 byte cell transport 

• Addressing, routing, accounting, congestion & flow control 
not well defined as yet 

• Many possible user interface standards (including SMDS) 

• Also suitable for high speed LAN architectures 

• Long term goal for Telco internal substrate 
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COST CONSIDERATIONS 


POINT-TO-POINT LEASED LINES 

• T3 price based on T1 price, T1 prices based on 56Kbps, etc. 

• Strong price hierarchy to prevent reselling & undercutting 
supply carrier 

• ARC-GSFC dedicated T3 cost = $3 Million/year 

• ARC-GSFC internal Telco cost significantly less! 

SMDS APPROACH 

• Prices based on access class (1.5, 4, 10, 16, 34.... Mbps) 

• Telcos can trunk internal net using internal cost, since no 
reselling of leased circuits is possible 

• Distance insensitive pricing 

• Same switching fabric can support Frame Relay and low 
speed uses 

NSt - NASA Sctenc* Intern*! 34 


SMDS Implementation Approach 


1. Leverage on DOE/LLNL procurement vehicle in FY92/93 

2. Deploy DS-3 SMDS attachments at ARC, GSFC, JPL, LaRC 
& LeRC in FY93 

3. Deploy new routers with DS-3 SMDS support with FDDI 
ring(s) in FY93 

4. ARC and GSFC sites ^provide interface to T3 NSFnet 
connectivity via FIX-E and FIX-W 

5. Deploy 155 Mbps support in FY94 given budget and 
requirements 

6. Deploy 622 Mbps support in FY95 given budget and 
requirements 

7. Prototype SMDS technology for use in other NASA and 
Federal programs as a proauction oriented network service 


NSI - NASA Sctenc* Intern*! 35 
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Issues & Concerns 


REMOTE INVESTIGATOR ACCESS 

• Assumes investigators are located at well-connected sites 

• Future of NSFnet backbone still being defined 

• Regionals vary in quality and service (little accountability!) 

HIGH PERFORMANCE PACKET SYSTEM 

• Vendor support is immature for routers, OSU’s, switches 

• Lack of Inter-Carrier-Interchange (ICI) protocol support 

• IXC deployment of SONET proceeding at lackluster pace 

• 155 Mbps and above to NASA sites is critically dependent on 
LEC SONET deployment 

• Dependent on Telco support and deployment schedules 

• Routing complexities when interconnecting VPN's over SMDS 



SUMMARY 


• Focus on meeting NASA HPCC Grand Challenge requirements 

• Maximizes use of existing network resources, NASA & non-NASA 

• Strongly leverages on telecommunications carrier plans and 
investments: no private dedicated systems 

• Minimizes NASA costs while still providing high performance 
capabilities 

• Fully consistent with national program objective to construct a 
high performance national network infrastructure 

• Provides for strong technology transfer to other programs 

• Provides testbed for advanced routing and management designs 
for large scale public data networks 
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E. Network Applications Technology 

Plenary 
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SOON 


The User’s Perspective 




My Personal View of Scientific Visualization 
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What characteristics do I, as a user, want in a 
visualization tool? 
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SOON 


The Randall Report - 
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The Randall Report - 


• a 

Si 

O s 

r- C 

o .g 
P o 

i« 
1! 
■o o 

SS 

1& 
D ) C 

8 ® 
0 ) a 
2 . C 

O * 

■2 .2 
co <5 

trf 

8,8 
of <0 
OC Q ) 

55 CO 

CO o 
■o co 
c J 

si 

® s 

E 

K - 0 ) 


•o 

c ^ 
.5 CD 

— Q > 
P Q. 

V, (A 

8 i 
s C 

% -2> 

1* 
^ <D 
CO £ 

c *- 

.2 £ 
m 

^ 5* 

£ 5 

ii 

o 5 

2 *5 

- & 

8 I 

o o 

S 2 

5 > c 

m Q > 

2 o 
£> d> 
ES 


« 

Q 


Q> 

C 


2 "o 
2 2 

c -2 
co o 

^ CD 

c a 
To * 

O v. 
O O 


* 
si 

o<a 

*8 g 

£ c 

s o 
§ ° 

J1 

go 

<D 

£ co 
V. o 
CD .C 
CO *- 

0 £ 

1 § 
co^l' 

Q) £ 

.2 o 

fc 8 

CD 3 

CO co 

CO CD 

.2 o 
•c £ 

|S 

co S o>.S 


CO "o 

•52 c 

£ CO 

If 

co 5 

sr 

o *c 

- ,D> 

c £ 

2 ^ 
& .o 


5 .t: 

0 55 

1 o 
Cfi 

Q) ^ 

3 fi 

co c 

s 8 

C Q > 


CO 

2 

CO 

q> 

£ 


V* 

£ 

c 

<D 

0 

V. 

£ 

1 

I c 

<D o 

§•§ 

co a 

.. co 


o 

JQ ) 


3 

£ 

5 k 


2-3 


q> 


c 

— O 

^ 2 
£ £ 
4- -C 

S S - 
§ 2 
s o 


"T 

8 

§ 


214 


The supercomputer center certainly has a role In 
providing high-end, specialized hardware for 
visualization. 
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Data Flow Visualizers 
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SOON 


Distributed Visualization at the NCOS 
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Methods of Distributed Visualization 
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Methods of Distributed Visualization 
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Methods of Distributed Visualization 
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Methods of Distribution within A VS (historical) 
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Methods of Distribution within A VS (current) 
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Methods of Distribution within A VS (current) 
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Methods of Distribution within A VS (future) 
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Issues 
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TAE Plus 

Transportable Applications Environment Plus 

A Tool for Building and Managing 
Graphical User Interfaces 

Marti Szczur 

NASA/Goddand Space Flight Center 
NASA Science Internet User Working Group Conference 
April 2. 1 992 Greenbelt. Maryland 

— NASA/GSFC 

1 

TAE Plus Overview 

• Background 

• Architecture 

• Development Environment 

• Runtime Environment 

• User Community 

• Future Direction 

— NASA/GSFC - 
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TAE Plus Key Objectives 


• Improve productivity of application Ul development 

-- Support WYSIWYG design of the Ul elements 

- Support evolution from rapid prototype to baseline system 
~ Provide reusable software components 

- Provide less complex set of application services 

- Support for Ul expert (who may be a non-programmer) 

• Provide buffer from technology changes 

- Separate the Ul definition from the application 

- Provide application programs with toolkit-independent runtime services 

- Support portability of applications across workstations (e.g., UNIX. VMS) 


NASA/GSFC 
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What does the X Window System provide? 
a standard for device independent window management 

• public domain protocol for window management services 

• low-level graphic and window managment primitives 

• MITs X-Window system is a public domain implementation of the protocol 

support for network interconnection 

• display process (X Server) and application (X Client) can exist on 
separate machines 

• X Protocol provides the network connection between X Server and X Client 


X Protocol 



NASA/OS FC 


Distributed Applications in X Environment 


workstation i 


Client ft-*! Server 


J monitors) 


• single workstation 

• no network 


workstation a workstation b 



multiple workstation 
single client/server 


monitors) 


client/server* 


J monitors)! 


NASA/GSFC 
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TAE Plus WorkBench Functions 

• Uses X Window System™ and OSF/Motif™ 

• Create, modify and save user interaction objects 

• Support for drawing, editing and saving data-driven objects 

• Define links between user interface objects 

• Rehearse a designed user interface 

• Icon editor 

• On-line help on how to use WorkBench 

• Support for application context sensitive help 

• Generates multi-language application source code 

(C, Ada, or TCL) 

• Object-oriented (written in C++) 


nasa/gsfc -i 

10 
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User Entry Interaction Objects 


Selection Category: 



Text Category: 

(» Dynamic Text: Value | in |T2 34S678S ^ LABEL 



Checkbox 

Icon 

Keyin 

Label 

Multi-line Edit 
Pulldown Menu 
Push Button 
Radio Buttons 
Scale (Slider) 
Selection List 
Text Display 

X Workspace 


NASA/GSFC -I 

»2 
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Data-Driven Interaction Objects 
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-tM. 

User Interface Designer Scenario 

• Create a panel 

• Add interaction items 

• Include another resource fite 

• Design icons and DDOs 

• Make connections 

• Create help information 

• Rehearse 

• Modify the design 

• Generate code 


nasa/gsfc -J 

i* 


WorkBench 


Main Menu 


£TAE Ph« W0f*Beoch 


.■,..|.,uninTT 


Resource Fil«i tutrts 
WorkBench Modei 

+ Mov«/Resize/Edit O Define Connectioi 
O Set Panel Default O Set Item Default 

Current Selection t 


| Undo 

Ctrl*® j 

| Hev P«xl 

Ctrl«p j 

[ New Its* 

TTTTj 


File 


Edit 


A rranfe Auxiliary 


Help 



CtrWk | 
apediy Initial Penal*- 


IceniQr WB Panels Cui«h | 
Create Tanainal 
WofkBanch Preferences— 


NASA/GSFC -J 
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Panel Specification 
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TAE Command Language (TCL) 


• Interpreted 

• Interactive or procedural 

• General capabilities 

- Intrinsic TAE commands 

- Online help 

- Local and global variables 

- Variable assignment and expressions 

- Macro-level substitution 

- Abbreviated command and parameter names 

- Constructs for conditional execution and looping 

- Proc invocation and Inter-proc communications 

- Graphic Window Manipulation 

NASA/GSFC 


Create Help Information 

• Select yes for "Help Item? - in the presentation panel for 
a button or an icon. 

• Click on "Edit Help File" in the specification panel for the 
selected panel. 

Jvalp 

<pl«c« panel help Information hera» 
jmpMtfOA 

The action itHdlo w m; <fM In ho4p las] for ea ch* 

Otaptay: 

Print: 

Pal—; 

Jufp Mlpct 

Tho aalactleaa aro: <m \m help last for aadi» 

NaA: 

Nil: 

ftteC: 

Jhetp qu— lion 

■ ■ NASA/GSFC 

a« 


243 



Rehearse 


• Select rehearse under the Auxiliary ... menu 

• The WorkBench collapses to an icon 

• All application panels disappear 

• A window labelled "Rehearsal” appears 

• The initial application panel is displayed 

• Application panels are displayed as prototyped 

• Click on WorkBench Icon to restore WorkBench 

- — NASA/GSFC - 
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Why use WPT Services? 


• Improve portability of applications 

(i.e., shelter from toolkit changes) 

• Improve programmer productivity 

(i.e., less complex set of routines to master) 

• Support multi-language applications 

(C, Ada, TCL.C++) 


NASA/GSFC -I 

31 


TAE Plus Application Services 

(Supporting User Interfaces) 


Window Programming Tools (WPTs) 

A subroutine package that displays and controls the TAE interaction 
objects during an application's execution. [40 routines] 


Collection Package (COs) 

A subroutine package that supports the association and management 
of groups of TAE objects [8 routines] 


Variable Manipulation (VMs) 

A utility package that receives, sends and manipulates TAE Plus 
variable objects. [18 routines] 


NASA/GSFC -I 
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" tafi e 

WPTs, continued 

PanelReset 

- redisplay panel with initial values for all items 

ParmReject 

- reject user input; replace with previous value 

ParmUpdate 

- change an item’s target value (as opposed to view) 

Pending 

- checks if an event is pending 

Rehearse 

- auto updating of a DDO’s value 

Setxxxx 

- set item (data type»xxxx) attributes, values and 
update displays 

SetTimeOut 

• set or clear timeout interval for event loop 

ViewUpdate 

- update item's view (i.e. t visual appearance) 

NASA/GSFC - 
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Code Analysis for TAE Plus V5.1 

• = 72.000 lines of C and C++ code 

• 12 megabyte recommended minimum memory 

• .4-42 megabytes required disk spacb 

- A mb: TAE runtime libraries, executables only 

- 2 mb: WorkBench executables only 

- 12 mb: no source, no demos, binary Kbraries 

- 42 mb: all source and all binary Hbranes, demos 

• - 1 1 ,000 and 5,600 LOC, respectively, for Stanford's 

interviews and idraw packages 

• requires X1 1 R4 and Motif 1.1 


nasa/gsfc -i 

39 


TAE Plus 


Implementations 


Validated Ports 

User Ports 

SUN3/UN1X 

SUN4/UNIX 

SparcStation/UNIX 

Apollo/UNIX 

HP 9000/3 00 & 700/UNIX 
DECstation 3100/ULTRIX 
VAXStation ll/ULTRIX 
386/486 series 
IBM 6000 (in progress) 
MAC It AAJX (V4.1, only) 

Silicon Graphics/UNIX 
NEC EWS 4800/220 

Massccmp/UNIX (V4.1) 

VAXStation ll/VMS 
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Adding New Presentations To TAE Plus 

• Highly modular - almost no change to existing WB/WPT modules 

• - 150 new lines of WPT code - in C++ 

• - 100 new lines of WorkBench code - in C++ 

• New code may be written using TAE Plus templates 

• Involves three basic steps: 

1 . Write the widget, compatible with the referenced widget set 

2. Integrate with WPT 

- Make a new presentation type, subclass from Wptltem 

3. Integrate with TAE Plus WorkBench 

- Design Presentation panel for the new presentation 

- Add to WorkBench Resource fOe 
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Productivity Case Studies 


Case 1 : Develop application with realtime object using 

(1 ) Xt and widgets, directly 

(2) TAE Plus WorkBench and Wpts 


Case 2: Develop same interactive application using 

(1) Xlib directly, 

(2) UIL and UIL service routines 

(3) TAE Plus WorkBench 


Measure application development time 
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Development Benchmark 1 

A program that ha a two panels, a few action icons, a radio button 
bank and a dynamic mover object that moves along a static 
background when the associated data value changes. 

a 

Hours 50 
40 
SO 
SO 

to 


TAE ♦ X TAE* I 

Novice Novice Experienced I 

NASA/GSFC -I 



-taa. — 

Development Benchmark 2 

A screen copy utility which gathers information through radio 
buttons, action icons, and text input. Then, it sends the information 
to an HP printer, as well as updating a text widget on the screen 


Hours 

80 

60 


80 


40 


to -f 



40 

:%*vvs» 
>•%•%•% t 
•V'Vvv 

■wvv 


X lib/ 
Xray 


UTL 


TAE> 
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Who is Using TAE? 


Outside of NASA: 

DOD: Army, Navy, Air Force, DIA, DMA, DARPA 

Other Gov't: EROS Data Center, Bureau of Land 
Management, NCAR, NIH, NIST, NSA r NOAA 

Universities: C.U., Duke, Boston, Cornell, 

Georgia Institute of Technology, CalTech, Arizona 
State. Purdue, UCLA, U. of Md.. MIT, Stanford 

Private: AT&T Beil Lab, Boeing, CSC, Contel, GE, 

HP, IBM, Lockheed, McDonnell Douglas, Unisys, 

GTE, Northern Telecom, Martin Marietta, Battelle, 

TRW, Apple, Magnavox, GE, Loral, CTA, U.S. 

West, Westinghouse, Hughes, Mitre, Stanford 
Telecom, Chrysler Corp., Booz Aden, Rockwell, 

Harris, PRC, Inc., 

. NASA/GSFC - 


Who is Using TAE? 


Outside of U.S.: 

Europe: SASC/Sweden, Imperial College of England, 
York University/England, Crosfields Electronics 
Ltd./England, Ford Motor Co., Ltd./England, UhiversitS 
de Paris/France, European Synchrotron Radiation 
Facility/France, Cap Sesa Regions/France, 
DFVLA/Germany, Institute of Optoelectronics/Germany, 
Leading Edge Technology Transfer/Germany, European 
Space Agency/Netherlands, Computer Resources 
Intemational/Denmark, Laben Spa/Italy, Instituto 
Fisbat-CNR/ltaly, I.P. Sharp/Canada, CAE Electonics, 
LtdVCanada, SED Systems, IncVCanada 

Other: United Nations Environmental (Kenya, 
Switzerland), New Zealand Government 
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TAE User Profile: Application Types 

"Check the categories that best describe your application ’ 


Engineering Analysis 

33% 

Operations/Control 

33% 

Realtime 

24% 

Scientific Analysis 

24% 

Database Application 

22% 

Near Realtime 

18% 

Image Processing 

16% 

Office Automation 

2% 
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Data Base/Analysis Applications 


• GSFCs National Space Science Data Center (NSSDC). 

• GSFCs Distributed Access View Integrated Database (DAVID) 

• GSFCs International Solar Terrestrial Data Distribution Facility (ISTP DDF) 

• Wallops Flight Facility image analysis tool (COLOR) 

• JPL's IPAC database search program 

• NOAA's user interface to oceanographic database 

• U. o f MD*s Viewcache, access for interoperable databases 

• EROS Data Center browse/retrieval of satellite imagery 

• Wallops Island's image retrieval/processing system 

• Contel’s meteorological data retrieval system 

• National Library of Medicine browse/retrieval of biotechnology data 

• National Cancer Institute's user interface to analysis data base 

• JPL*s Planetary Data System (PLDS) 

• Pennsylvania State University (geographic information) 

• USAF Plume Date Center (analysis data base) 

• Langley Research Center user interface to atmospheric data 

• U.S. Geological Survey (analysts data base for 3-D image cubes) 

• Hughes Aircraft (geographic data base) 

• Shell Development Co. (user interface for DBMS) 

• Stanford's Solar Oscillations Imager 

NASA/GSFC - 
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Operations/Control Related Applications 

• GSFC's Packet Processor Enhanced Frcrt End S Control System 

• CU's Operations and Science Instrument Support System (OASIS) 

• GSFC's Request-Oriented Scheduling Engine (ROSE) 

• GSFC's Network Control Center User Plarrmg System (NCCAJPS) 

• Georgia Tech's Multi Operations Control Cenrer Simulator (GT-MSOCC) 

• GSFC's Generic Telemetry Simulator (GTSIM) 

• GSFC's International Solar Terrestrial Physics Central Data Handling Facility 

• Air Force's Tactical Air Combat Simulation (TACS) 

• GSFC's Space Netwoik Control System prototype scheduler 

• Army's Tactical Command and Control System 

• Martin Marietta's Access Control System far secure network access 

• ESA's Columbus Crew Workstation prototyping 

• General Dynamic's Real-Time Control System (or Ground Operations 

• Army's Operation Order Generation (or Bat al ion and Below Command and 

Control Program 

• GSFC's SAMPEX Command Managemeit System 

• MSFOs ECLSS Process Control Prototype 

• Lockheed's Advanced Tomahawk Weapons Control System 

• JSC's Shuttle Mission Control Center Upgrade (MCCU) (or TSS Mission 

• Northern Teleoon’s Technical Assistance Service (TAS) System 

■ — NASA/GSFC - 
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Primary Concerns 


• Performance 

- all events/messages gc across network 
— distribute Ul manager/dispatcher with server 
— display and hide Ul elements 

-- multiple software layers (Xlic Xtoolkit, WPTs) 

-- workstation limitations 


• Size 

- overhead to application code indudes X, Motif, WPT 
~ not currently utilizing shared libraries 
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What Sets TAE Plus Apart from Other Motif Tools? 


• User Focus (ease-of-use lor Ul design professional) 

• Spans a 0 tool categories (virtual API, layout description language. 

interactive design tool, U1MS) 

• Higher level API abstraction 

• Data-driven objects 

• Help facility 

• Auto constraint checking 

• Support for WYSIWYG panel connections 

• Code generation for multipie programming languages 

• TAE Command Language 

• Dynamic resource file (no compiling; make changes during runtime) 

• Source code included 

• Government software (low cost. Iberal license) 

• User support (technical advice, newsletter, conferences) 
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Future Directions 


U9cr Interface user Interface application 

“object - builder* developers programmers 



— NASA/GSFC -J 

so 


255 


TAE Plus V5.2 Features 


• New interaction Objects: Menu Bar with Cascading Menus, 
Option Menu, File selection dialog, Message boxes (error, 
information working, warning, question) 

• Support for Accelerators/Mnemonic specification 

• Improved color/font selection 

• Scrollable panels and workspaces 

• C++ code generation 

• Support for multiple console displays and screens 

• Support for tabbing/traversal 

• Help and message panel tailoring 

• Support for object stacking 
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F. User Services and Applications 
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IETF User Services Directory Information Services 

Working Groups and Infrastructure (DISI) 

Projects 
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User Services Area Council (US AC) 


Internet Anonymous FTP Internet School Networking (ISN) 

Archives (LAFA) 

Chaired by 

Chaired by Peter Deutsch 
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User Documentation (UserDoc) User Glossary (UserGloss) 

Chaired by Lenore Jackson Chaired by Gary Malkin and 

and Ellen Hoffman Tracy LaQuey Parker 
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Network Information Services - Network Operational Management 

Infrastructure 

This topic overlaps with other 

A global infrastructure for common IETF Areas such as network 

shared Internet-wide network management, operations, and 
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in the international 
networking community. 



Education - Documentation and Distribution 
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Liaison Role Internet Documentation 

for USERS (not WIZARDS!): 
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3 “Site Security Handbook”, 
Jul. 1991. 



1 “FYI on Questions and Answers: FYI 2 “FYI on a Network Management 

Answers to Commonly Asked Tool Catalog: Tools for 

“Experienced Internet User” Monitoring and Debugging 

Questions”, Feb. 1991. TCP/IP Internets and 


<L> 

A 


o — ; 

3 £ 
T3 On 

O On 

Vh i-H 
■«— > 

G A 
hh cj 


H- t 

P-l 


>* H-i 
£ 

L ^ 


a rH 

o On 
t— 1 On 


0 O 
**■* On 

(L> On 

1 ~ 

OQ 

a <, 

oo „ ~ 
G V. 


G 

O 

e 

e 

T3 O 
§ u 

c 2 

O £ 
+3 «i) 

(D > 

3 G 

o < 

G .. 
O £ 

£ 2 


<L> 

tn $ 

5 - 

dj On 
G Gn 


£ -8 

u. 

£ 

Z G 

5 O 
'O t* 

.£ S 

8 O 


g &• 

O t-< 


275 


nformation 



Request for Comments Internet Documentation Process 
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The Internet Cruise 


Laura Kelleher 
Merit, Inc. 


Due to copyright considerations and 
changes in the source material, the Internet 
Cruise can be acquired from the Merit NIS 
at 1 -800-66-MERIT 
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Defining a Requirement 
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Security support is also derived. 



Plannina Office Services 
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NASA Sci»nc» Projtct John H. Martin 



<0 
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AVERAGE IMPLEMENTATION 
(12-18 MONTHS) 




OSSA Requirements Processing Timeline 



285 


nasa sciinc* Jni9ffv«f Project John H. Martin 
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NASA Sclwnc^ tntwmml Project John H. Martin 









Overview 
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NASA Seine* inumtt prefect John H. Martin 9 
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Draft Project Specific 

Project Review Cycle Requirements Reference Documents 
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nasa sdtnct tnHrmi Pn>f»ci John H. Martin 12 
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Drafted and Distributed "How to" Documentation 




Tib® NASA S<£3(6 cd(C( 6 Hmitl©iraQ(£l~ 
N®HwDiPlk HaalT(DiniaQiitl3(Dai CooDfrur 
MoHjp Hlkfislk 


Bill Yurcik 
Hughes STX Corp. 

April 1, 1992 

iwaca c . . Presentation to the 

NASA Science Internet User Working Group (NSIUWG) Conference 


INI ' 


What is the NSI NIC Help Desk? 


t . _ r#M * gfintraHzed contact point 
^ V Q? / th^Sl r l!£y ork>ng ^rmatign 

for the entire NSI community 

■ Respond to user requests 
Coordinate with the NSI NOC 
Coordinate with other NICs 
Reflect user feedback to NSI Project Management 
Report statistics on Help Desk Operations 
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Responding To User Requests 


Sharing information 
. Answering questions 

• Solving problems 

. NSI-DECnet node administration 
. Referring users to most appropriate sources 
. internal procedures to optimize our effectiveness 

(reference material, training, internal handoffs, organizing information) 

• Striving to provide more personal interaction 

(increased staff coverage, telephone contact, meetings) 


NSI NIC/NOC CoordinatiorT 


Coordinate response to i^er reauests with 
NSI Network Operations Center (NSI NOC) 

, Work with the NSI-NOC to provide more network 
status information to users 

e-mail announcements of network events, maps, 
network statistics, automated voice messages, an automated 
trouble ticket system accessible to users 

. Work with the NSI NOC to provide network 
management tools to users 

via NSI (read-only) 
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Reflect User Feedback to Project 


Reflecting feedback of user-oriented concerns during project 
development 


Reflecting feedback from new users who contact the 
NSl NIC Help Desk in search of "network orientation" 


Reflecting feedback from users repeatedly requesting 
similar information either on-line or hard copy 




Operations 

Reflecting feedback from users for large scale user services projects 
f i.e. NSI Resource Guide , directory services > library access, etc...) 


Monthly NSI-NIC Help Desk Report 


(1) Identification of valuable information to be compiled 

y^ahnisms to transparently gather and process 
NSI NIC Help Desk Information 

(3) Development of significant statistics 

(4) Presentation of statistics in meaningful and 
visually-intuitive formats 

(5) Mechanisms to distribute a Monthly NSI NIC 
Help Desk Report to the NSI community 
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NSI NIC Help Desk 
F uture Objectives 

WE WOULD UKE USER PRIORITIZATION INPUT ON THE FOLLOWING 

• NSI NIC facilitated mailing llsta on apodal Interact topics 

. An Automated User Request Tracking System 

(directly acessiblt by users via NSI) 

. Improved telephone response capabilities 

• Increased hours of staff coverage 

• Increased reference capabilities, on-line & hard copy 

• increased use of on-line applications In Help Desk support 

• NSI NIC Help Desk Newsletter (with FAQ, FYI, news, announcements) 
. Training for NSI user community 

• Separate NSI User Services Meetings with open discussion 


WHO YOU GONNA CALL? 


NSI Network Information Center 


Code 930.6 

Goddard Space Flight Center 
Greenbelt, MD 20771 

301-286-7251 

(FAX) 301-286-5152 

nsihelp@nic.nsi.nasa.gov 

nsinic::nsihelp 


N' 
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NSI NIC Possibilities 


• Directory Services 

interim solutions) 

• Indexed Access to the NSI File Cabinet 

NSI ARCHIE client/server 

• NSI NIC Info Server 

based on NNSC info server, automated e-mail responses 

• On-Line Access to NASA Center Libraries 

bibliographic search and retrieval, special databases, nationawide, full text 

• NSI Resource Guide 

one document that pulls together NSI Resources (databases suoercomnut.r* 
e-mad syntax, FTP sites, on-line resources, 

• NSI E-mail Distribution Lists on Special Topics 

tctencejdiscipUne@nU.nasa.gov, project@nic..., net_status@nic.. 
nstuwg@nic..., action@nU..., nsi_decnet@nU..., new tools@nU... ’ 


NSI NIC Possibilities 


• NSI Anouncement/Bulletin Capability 

info@nic.nsi.nasa.gov, on-Une calendar, electronic newsletter 

• Facilitate Research Collaboration on NSINIC Host 

Common development environment for papers , sharing software , electrons journals 

• NSI Information Tools Transfer 

™, S ,i? nmenl of ,p Addresses for Nobile NSI Users 

TCP/IP access through configured terminal servers 

NSI Wide Area Information System (WAIS) 

search and retrieval system which is question-based 
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f | NSI NIC Possibilities | 

WE WOULD L/KE USER PRIORITIZATION INPUT ON THE FOLLOWING 

. NSI NIC facilitated mailing lists on special Interest topics 

. An Automated User Request Tracking System 

(directly acessible by users via NSI) 

. Improved telephone response capabilities 
. increased hours of staff coverage 
. increased reference capabilities, on-line & hard copy 
. increased use of on-line applications In Help Desk support 
. NSI NIC Help Desk Newsletter (with FAQ, FYI, news, announcements) 
. Training for NSI user community 

. Separate NSI User Services Meetings with open discussion 



[ Information Tools on the Internet^ 

ARCHIE 

CHPHER hierarchical browsing tool, full text, muM-msdla, TELNET, FTP, wor ** w/ 

" ARCHlEyWAIS/WWW, TELNET consultant.fnicro.umn.sdu login: gopher 

HYTELNET 

knowbot 

TELNET nri.reston.va.us 185 

PROSPERO ^ 10 

send mall to lnfo-prospeco<g>lsl.edu 

WAIS I SWAIS 

TELNET quaks.thlnk.com or hub.nnsc.nsf.nst login wai 

WORLD-WIDE WEB 

ARCHIE/GOPHEH/WAIS 
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Library Cataigqs; 

Internet-Acesslble Library Catalogs and Databases 
Libraries: Accessing On-Line Bibliographic Databases 

anonymous FTP ftp.unt.edu library libraries Jxt W HniC UaiaoaSeS 

Libraries: List of Contacts for Internet On-Line 
Bibliographic Databases 

anonymous FTPftp.unt.edu library libraries.contacts 

,0 ,he ,Merne * Ub «'rles More 

TBLNET wugate.wustl.edu login : library terminal type » vtlOO 

Campus Wide Information Systems fCWK) 

anonymous b TP ftpsura.net nic cwis.list 

L 


[ information Tools on the In ternet 
Qn-Line Internet Re source 


MERIT 


NNSC 

(NSFnet Network 
Service Center 


NORTHWESTnet 


anonymous FTP nic.merit.adu 
directories intemet/resources 
internet/publications 

"Internet Resource Guide" 
anonymous FTP nnsc.nsf.net 
in directory resource-guide 
can be received via e-mail using 
NNSC Info server by sending a note 

to resource-gulde-request@nnsc.nsf.net 

"Northwestnet User Services Internet 
Resource Guide (NUSIRG)" 
anonymous FTP ftphost.nwnet.net 
In directory nic/nwnet/user-guide 
start with file readme.nusirg 
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On-Line Intern et BSSQWSS. Guides 


NYSERnet 


SURAnet 


THEnet 


"Ntw User's Guide to Useful end 
Unique Resources on thajnts rnst" 

Version 2.0, anonymous FTP nysernet.org 
in directory cd/pubafguldes 

Menu-driven tour of resources In the guide 

TELNE? nysenw^org login: nysrvlew 
password: nysrvlew 

"Information Available on the Internet: 

A Guide to Selected Sources" 
anonymous FTP ftp.sura.net 
located In directory nlc 

"User's Direc tory of Computer Networks" 
anonymous FTP ena.utew.gu 
In directory net.dirsctory (87,88,89) 


Information Tools on the Internet 


Misc Pointe rs to Information Tools 

RFC 120 'There's GOId In Them Thar Networks!" 

Internet Mall Distribution Usts 

'^^SfFTPttp.nlw.-l.oom dMctory n«lnlo hM.«- t ~ U p..t«t 
NETNEWS 
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Selected Topics from the Audience 








NSINIC Services 
Future Possibilities 


C. Wrand/e Barth 
April 1. 1992 


HUGHES 


HUGHES STX CORPORATION 
NSIUWG • March/April 1992 


Requirements-Driven Support 


HUGHES 


• Potential service awareness to feed user requirement process 

• Existing basic services 
o Help desk 

o New user documentation and mini-guides 
o Outreach 
o NONA 

o NSI File Cabinet 

• Custom services 

o Initially provided to support special requirements 
o May evolve to become a basic service 
o Example: Electronic Postal Facilities 

Value-added transport-agent services that can be provided on top 
of traditional email without changing the user agent 
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HUGHES 


Electronic Postal Facilities 


• Remailing 

• Address query; with fuzzy match 

o Example: / FN-JOHN* / LN-ROBI NSON/ I NSTT TUTI ON-CUNY 

• Distribution lists 

o For official broadcast from fdw to many 
o For distribution from any to all in group 
o For closed-group discussions 
o For open-membership discussions 

• File archive of distributions with ability to order part/all 

• Document ordering 
o Email delivery 

o Anonymous FTP/USTSERV style 
o Abstracts 
o Postal mail delivery 
e Trouble ticket status 

• Conference registration 

• Message text transformation 

• Other batch services from NIC 


Potential Future Services 


HUGHES 


• Replicate/customize emerging services (WAIS. Archie, ets/.) 

• Provide utilities for session/presentation/application layers 

o Distributed systems. RPC protocols, client/server systems 
o Interim utilities for data transfer 

- Compression, error checking/correction, library utility, data 
conversion 

• Other OSI/GOSIP applications: 

o MHS/X.400. VT, directory services, transaction processing, remote 
DB. FTAM. ODA. CGM/GKS, electronic data interchange, SGML 

• Educate users in connectivity protocols, software 
o Client/server, among-peer protocols 

o Toolkits for protocol support 
e Emerging technologies 

o X 3 - windows, remote visualization, interoperating databases, 
multimedia conferencing 
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CRUSH 

The NSI Data Compression Utility 
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VMS file characteristics (e. g. sequential organization, variable-length 
records) are retained through the compression/decompression 



CRUSH 

The NS I Data Compression Utility 
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CRUSH 

The NSI Data Compression Utility 
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CRUSH 

The NS I Data Compression Utility 
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-p c3 
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120.84 

118.97 

32.57 

100.35 

16.39 | 

Percent 

Saved 

41.37% 

41.28% 

28.91% 

25.82% 

23.23% 

Corrpressed 

Bytes 

1097235 

1098897 

1330400 

1388291 

1134932 

Input 

Bytes 

1871648 

1871648 

1871648 

1871648 

1478432 

Method 

Best each file 
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CRUSH 

The NS I Data Compression Utility 
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greatest compression 




G. Networking Subgroup Presentations 
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The Program Support 
Communication Network (PSCN) 
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Program Support Communication Network 
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- Front-End network resource manager NET IDNX 70 & 90s 

- Road runner replacement 

- DS-3 Ring 




DECnet Phase V 
Update 
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OMNI namespace support within ESnet (cont.) 
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The piecemeal support for full names (likely MAIL & SET HOST) does alleviate to some degree 
the problems with lack of full name support, but does not eliminate the problems/concerns. 
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Both options are presently being evaluated for feasibility and impact on the network. 
Specific routing plans for individual ESnet DECnet areas are on hold awaiting that decisioi 



ESnet DECnet Phase V Documents 
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ESNIC = 41.174/42158 
HEPNET = 42.620 / 43628 
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Actions pretaining to Phase V routing support remain on hold pending resolution 
from the OSI routing task force of the Phase V/CLNS routing problem. 



NASA 1 


NASA/NSI UPDATE 
DECNET/OSI PHASE V 
ACTIVITIES 


NSIUWG NETWORK SUBGROUP 
APRIL 1, 1992 


V 

April 1, 1992 NSIUWG Network Subgroup 


1 


Space Science Laboratory / MSFC 
Linda Porter 



r 


NASA' 


Phase V Update 


New NASA Technical Group (DOT Group) 

• DOT meetings - summary 

• Current DOT actions 

• ICON 


Phase V Testbed Activities 
• MSFC/GSFC/DOE 



NSi Activities 
• DOE/EDWG 
• HSDCG 


April 1, 1992 NSIUWG Network Subgroup 


Space Science Laboratory / MSFC 
2 Linda Porter 
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✓NASA 

( Phase V Update 



DOT ACTIONS: 

1) write "cookbook” on DECdns naming and implementation 

2) subgroup to examing RD boundaries in greater detail 

3) work with Intercenter Council on Computer Networking (ICCN) 


DOT STATUS: 

1) cookbook in progress (no draft available) 

2' > subgroup has yet to meet 

3) DOT group now officially recognized subgroup of ICCN 


V 

April 1, 1992 NSIUWQ Network Subgroup 


4 


Space Sclance Laboratory / M8FC 
Linda Porter 
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[ Phase V Update 

I PHASE V TESTBED ACTIVITIES 




• MSFC/GSFC/Fermi National Accelerator Laboratory (FNAL/DOE) 
continue Phase V testing (see map) 

- Extensive testing of DECdns, routing on various platforms (Ultrix, 
VMS, DR2000), Interaction of IS-IS on DR2000 with Cisco CLNP 

OTHER ACTIVITIES 

• NSI continues collaboration with Energy DECnet Working Group 
(DECdns naming papers, general PV/OSI transition planning) 

- NASA/NSI DECdns naming paper in draft but available!! (JUST ASK) 

- NASA/DOE transition paper almost available (3 weeks - Update 
from DECUS April 1991 paper) 

• NSI continues work with HEP-SPAN DECnet Coordination Group 
(Warren VanCamp will give summary) 

► HOW DO YOU WANT NSI/NASA TO INTERACT WITH YOU? 


Space Sciatica Laboratory / MSFC 
April 1, 1992 NSIUWG Network Subgroup 5 Linda Portar 
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NASR/DOE OSI/Phase U test network 
(snapshot of July, 1991) 



to CERN (area 26) 


3 



9.6Kb/D0CMP/static routing domain bdy 




Cisco router (IS0/I6RP) 


Ufanrtr: OEMSR based Phase U router *U)RNrouter 500* 
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NSI DECdns Implementation 

REQUIREMENTS 
LOGICAL NAMESPACE 
PHYSICAL NAMESPACE 
TIME SERVICES 
NSI NAME SERVERS 
NSI SITE SERVERS 


V 

April 1, 1992 NSIUWG Network Subgroup 


Space Science Laboratory / MSFC 
Linda Porter 


✓NASA 

I NSI DECdns Implementation 


REQUIREMENTS 

• Single global namespace for DECnet Internet (called OMNI) 

• Coordinated time service for name services. 

• Use X.500 recommendations, hierarchical (tree) name structure. 

• Efficient access of the namespace by users - l.e. distributed 
services. 

• Autonomous management of subtree name structure. 




2 


April 1. 1992 NSIUWG Natwork Subgroup 
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Spaca Sclanca Laboratory / MSFC 
Linda Poriar 
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NASA DECdns Implementation 


LOGICAL NAMESPACE 

• Relies on X.500 recommendations for full names: 


.US.<org>.<org-unit>... 

• Recommend names be kept SHALLOW 

- Future requirements may add levels for X.500 or GOSIP compliance. 
• Names are for USERS! 


• Recommend adoption of Internet name (if applicable) for DECdns 
names • minus the "top" level domain (GOV, EDU, etc.), e.g. 

SSL.MSFC.NASA.GOV \ TCP/IP Internet names 
MIAMI.RSMAS.MIAMI.EDU / 


becomes (X.500 recommendation DECdns object ): 



.US.NASA.MSFC.SSL 
.US.MIAMI.RSMAS. MIAMI 


April 1, 1902 NS9UWQ Network Subgroup 


} 


DECnet Internet PV names 


3 


Space Science Laboratory / MSFC 
Linda Porter 
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[ NASA DECdns Implementation 

I LOGICAL NAMESPACE (Continued) 



• Node object directory - contains name, address, tower information for 
each PIV and PV system in network. Catch-all directory will be 
created for NSI PIV systems (.US.NASA.NSI_NODE) 


Node synonyms (short names) for NSI systems will be registered 
In synonym directory for NSI/NASA (.US.NASA.NODE_SYNONYM) 
Local site synonym directories may exist. Node synonym 
directories not shared between major network partners 


• Backtranslation directories (for address to name resolution) 
automatically created by namespace managers and registration 
process. 

• Hierarchical access control groups created for each level of directory 
structure. Allows small group access to top levels of namespace, 
centers access and control over own center level directories. 



What does all this look like?. 


April 1, 1092 NSIUWG Network Subgroup 


4 


Space Science Laboratory / MSFC 
Linda Porter 
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NASA DECdns Implementation 

PHYSICAL NAMESPACE 

• How the logical namespace structure is distributed over cooperating 
name servers. 

• Clearinghouses are files containing one or more replicas of 
directories and their contents. 

• Recommend at least two replicas of every directory. 

• NOT recommended to replicate more than needed. 

- Do not replicate on unreliable servers. 

• Do not replicate in remote parts of network unless really needed. 

• A few servers in global network (initially 4) will contain replicas of 
the root .DNA_Backtranslat!on, .DTSS_GlobalTlmeServers. 



V 

April 1. 1902 NSIUWG Network Subgroup 


7 


Space Science Laboratory / MSFC 
Linda Porter 
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I NASA DECdns Implementation 



TIME SERVICES (DECdts) 

• Used by DECdns to keep namespace consistent. 

- Also provides reliable time information to all DTS clerks on network. 
(Most systems are clerks) 

• Selected DECdts server system objects placed in 
.DTSS_GlobalTImeServers directory (noncouriers) 

• Sites select local systems (couriers) to time off of noncourier systems 
in .DTSS_GlobammeServers directory. Only two per LAN 
recommended 


• DTS clerks (rest of PV systems on LAN) receive timing from couriers 
on LAN. 



April 1, 1992 NSIUWG Network Subgroup 


8 


Space Science Laboratory / MSFC 
Linda Porter 
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I NSI DECdns Implementation 

I Logical Namespace Access Control Schematic 



.USJ4ASA.MSFCMSFC_MGRS SSL 




April 1, 1092 NSIITWQ Network Subgroup 
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Space Science Laboratory / MSFC 
Linda Porter 
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NASA DECdns Implementation 

NSI/NASA WIDE NAME SERVERS 
• Replicate Important directories: 

oth Uvtl l«tel 2nd iev«| 3rd level 

(^— m ) r~ ( -NASA V — (<ft> —ARC ) 

\\ ^ — MS<_NOOC ^ 

\ C <0 T 5S_6 1 oee » T im» Servers'^ \/ A 

\ w yerb -nooc-Svnon 




) 

SVN0NVT1 } 


.XX 4 70020 




XXpty: 




April 1, 1902 NSIUWQ Network Subgroup 


10 
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Linda Porter 
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[ NSI DECdns Implementation 


SITE NAME SERVERS: 


2nd l«v«l 


3rd l»v«l (and da low) 


parent 
e tree ter i< 
ripIKilH 
elsewhere 






HOOC-SYNO NVM 


3 


JU pvpr#n*_«/#rrctory 


& ^XKpvaree J 


parent direr I ary repealed eisrwher 


e.g. "site" could be "MIAMI" (just below .US directory), 

Miami uses area 3, "pivarea" would be %X0003. 
"pVprefix_dlrectory and "pVarea" based on OSI style 
NSAP (assigned by OSI address authority for U. Miami.) 


v 

April 1, 1992 NSIUWG Network Subgroup 
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Space Science Laboratory / MSFC 
Linda Porter 
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( Addressing 


ADDRESSING => GOSIP Compliance for NASA 

IOP ^ — DSP * 


-4 HO DSP 


[E 

IQ 

0 

m 

rsvd 

E3 

| LA | 

ID 

rM 

1 

2 

1 

3 

2 

i 

1 

6 

1 


. Two AA's for NASA: 003400 (PSCN) 005900 (NSI) 

- 003400 may be NASA "private" 

- 005900 may be NASA "public (advertised to Internet) 

• Centers may choose to use one or other AA, or may multlhome 
to both AAs. (Choice of AA to use does not affect reachability - 
that Is function of routing.) 


. Good overview Is "Guidelines for OSI NSAP Addressing In the 
Internet", RFC 1173 by Colella, Gardner, Callon 


v 

April 1, 1992 NSIUWG Network Subgroup 


Spaca Science Laboratory / MSFC 
Linda Porter 
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Addressing 


DECnet Phase IV compatibility REQUIRES 

1* All systems reside same IDP+HO DSP (NSAP Prefix) 

2. All Phase V systems assigned "PIV compatible address’* 

IPP HO DSP 10 SEU 


470020 


0007 


■•000400Z71C 


M 


(LA) 

- 470020 will be used in DECnet Internet (HSDCG agreement) 

- Phase IV address is 7.39 in example for system SsL 

"NASA adopts GOSIP, but PIV compatibility requires non-GOSIP 
address (although a valid NSAP), how can transition proceed? 

pASY On theory): Assign system two addresses! (multihoming) 
E.g. SSL uses address as above and GOSIP Compliant address: 



0005 

<0 003400 

0000 

0t)00 

0102 

08002b1l2c69 

Z] 


April 1, 1992 NSRJWG Network Subgroup 


Space Science Laboratory / MSFC 
Linda Porter 
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4 


NASA 


Routing 



Intradomain and Interdomain Routing considerations: 

Definitions (pertinent routing layer protocols): 

• ISO 8473 (CLNP) defines packet format 

> ISO 9542 (ES*IS) defines exchange of routing info between End 

Ie _ nncon /.o *y* tem and intermediate system (a router) 

• IS0 10589 (IS-IS) defines exchange of routing info between 

Intermediate systems within a Routing Domain 
(intradomain) 

Static Routing: tables used for exchange of routing info between 
Intermediate systems between Routing Domains 
(Interdomain) IDRP in the future 

Above routing protocols depend on CLNP for packet format In ISO. 

IDP+HO DSP => defines boundary between LI and L2 routing 
for IS-IS. (Called "area address”) Routing domain bound) 
can be set between areas, but not within an area. 


laries 


|~~ 1 DP 

HO DSP 

(LA) 

.0 1 

^ — i 


April 1. 1992 NSIUWG Network Subgroup 


1 Space Science Laboratory / MSFC 
Linda Porter 
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Routing 



Intra-Domain Routing (IS-IS) 

• Systems msy not acquire more than three area addresses 
(IDP+HO DSP). 


Network Manager original assignment IS-IS "union of area addresses" 



This BREAKS PIV/V Compatibility. 


Note: IS-IS spec default is three area addresses. Recent spec change 
raises maximum number of areas shared and is based on number of 
area addresses that will fit in a "link state packet". However, 
Implementations are well behind. 


April 1, 1092 NSIUWG Network Subgroup 


Space Science Laboratory / MSFC 
Linda Porter 
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Routing 


Inter-domain Routing 

• desire to define boundaries beyond which do not wish to share 
IS-IS (or other Intra-domain routing protocol) Information - NOT 
dependent on value of GOSIP "RD" field!!! 

- however, should only be set between IS‘s with different sets of 
NSAP address prefixes. THAT IS - cannot set between sites 
SHARING Phase IV areas (e.g. NASA site hub and University Site). 

• Other issues: 

- 'Two hop problem" • static information is not propagated through an 
Intervening Routing Domain, therefore if primary path drops, backup 
path (if exists) will not automatically be used. 



Routing Flood Protection 

Space Science Laboratory / MSFC 
April 1, 1992 NSIUWG Network Subgroup 5 Linda Porter 
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General Transition Strategy 

The "Five Point Plan": 

1. Create single namespace for DECnet Internet (OMNI) 

2. Specify transition address structure 

3. Encourage ES upgrade to PV, using OMNI and address structure 

4. Upgrade the routing incrementally 

5. Define a timeframe to complete transition 


v 

April 1, 1092 NSIUWG Network Subgroup 


Space Science Laboratory / MSFC 
6 Linda Porter 


r 





General T ransition Strategy 


What is "Incremental" routing upgrade? 

• Upgrade routing In (DECnet Plv) area one area at a time 
Upgrade all PIV LI routers in area to PV all at once (this is a RULE) 
(but still running PIV Level 2) 

• Then, can upgrade all PV routers to PV L2 routing. Requires setting 
Interphase Static Links on area boundaries between 

areas supporting PV/OSI IS-IS L2 and PIV routing protocols 

Issues: Non-DEC routers (Cisco, Wellfleet, Proteon...) and VMS 
(host-based) routing (excluding cluster alias). 



7 


April 1, 1992 NSIUWG Notwork Subgroup 
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Spaco Sclanca Laboratory / MSFC 
Linda Portor 
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Issues 


Goal is to preserve PIV back compatibility during transition. 

1. Multihoming limitation restricts which areas may adopt more 
than one NSAP address. 


2. Flexibility required in planning to implement routing domain 
boundaries during transition. 

3. VMS host-based routers, non-DEC routers 

Work 

In 

Progress... 


New NASA/SPAN and DOEfeSnet-DECnet Transition Strategy 
due in three weeks on NSINIC. Look to NSINIC lor other interesting 
(?) docs, too (like Namespace Implementation for NASA's DECdns 
name servers, version 2.1) 



April 1, 1902 NSHIWG Network Subgroup 


8 


Space Science Laboratory / MSFC 
Linda Porter 



OSI (CLNP) Status 

• CLNP (8473) support available on all routers 

• IS - IS (DIS 10589) supported on backbone routers 

• Static routing to support connections to other AA's 

ESnet (005700) 

NSFnet (FFFF00) 

• RD's available to all NSI sites 
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GSFC PV/OSI Future 

• Allow new (production) systems to come up DECnet/OSI 

• First new systems will be Ultrix and brought into 
GSFCOSI:. NS 

• New systems will be running production DECnet-Ultrix 
V5.0 SW 

• Set up a dedicated DECdns nameserver in OMNI that hosts 
OMNI:.us.nasa,gsfc, 

• Depending timing, we may host this on a WS until 
dedicated platform has been procured 


GSFC PV Future (contd) 

• Replace WANrouter 500 (DEMSA) w/ DECnis 600 

• Bring up OSI CLNP on WAN FW to talk wAVAN OSi 
networks 

• Work w / concept of bringing up GSFC area 15 to PV/OSI 
at LII, set up interphase static links to WAN OSI provider, 
turn off PIV on GSFC FW 

• GSFC then routes only OSI (and IP) off campus in WAN 
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GSFC PV/OSI Experience 

• 1 VMS DECnet/OSI system (FT) 

• 2 Ultrix DECnet/OSI systems (FT) 

• Running FT NS GSFCOSI:. on DS5000/200 

• WANrouter 500 (DEMS A platform) 1 5. 1 009 running PIV 
at LI/LII 

• FT AM and VTP applications up and running btwn DEC 
platforms 


GSFC Transition to PV/OSI 

• Migrate all PIV host-based routers to dedicated routing 
platforms (cluster alias only exception) 

• Load all DEC routing platforms w/ WANrouter SW 

• Run WANrouters at PIV LI /LI routing alorithms 

• Non-DEC routers capable of IS-IS (or integrated IS-IS)? 

• Check interoperability of NON-DEC and DEC WAN 
routers 
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GSFC Transition to PV/OSI (contd) 

• Interoperability check above area 46 or extended address ? 

• Cut-over to PV/OSI Link-State routing at LI (DECnet area 
15) 
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MSI End Sites (cont.) 
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NSI International Connections 
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The "OMNI" <root> 
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Namespace Access 
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NASA’s DECdns Nameserver 


A current version of this text is available in 
PostScript format from the NSI File Cabinet as: 

NASA_DECDNS_IMPLEMENTATION . PS 
in the directory: 

[ANONYMOUS. FILES. PROTOCOLS. DECNET. PHASE V] 


PffcCEDtNG PAGE BLANK NOT FILMED 
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PRECEDfNG PAGE BLANK NOT FILMED 
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(MDHA) 


Brian Lev 
Hughes STX Corp. 


April 2, 1992 
Presentation to the 

NASA Science Internet User Working Group Conference 



The NSI Online Network Aide (NONA) 
Why Build It? 


• Experience had proven that an on-line ay stem increased the 
number of users who could be helped in any given period of 
time without over-taxing human staff* 

• Rapid response needed to official assignment of NIC duties to 
staff at GSFC, but immediate hiring of additional staff to handle 
extended workload was not possible. 

• Two systems already in use at GSFC for network user support 
(SPAN-NIC and NICOLAS) were avaialble to serve as testbeds 
for NSI information and services. 

• Porting of an existing system would allow near-immediate res- 
ponse to the increased workload. 






PRSO€DfN€ F'A.'jf l-MIK fUMfr? 
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The NSI Online Network Aide (NONA) 

The First Build 


NICOLAS chosen as "template" system 

— required no new purchases, licensing, or staff training 

— guaranteed to work on existing platform(s) 

DFTNIC VAX 3250 chosen as host 

— wide variety of network links and protocols 

— already hosting NICOLAS 

— already managed by NSI USO staff 

— bypassed wait for new NSI-purchased hardware to arrive 

► Emphasis on rapid installation to fill gap in user services. 

• Small-scale NICOLAS "clone" with emphasis placed on NSI, as 
opposed to GSFC-specific, information. 

► Relatively basic information server, relying heavily on NICOLAS 
and the old SPAN-NIC to fill gaps in content and connectivity. 

► Recorded just over 900 user sessions in one year. 


The NSI Online Network Aide (NONA) 

Background of Current Version 


• Version 2 beta installed on NSINIC MicroVAX 3300 after completion 
of hardware's acceptance testing. 

• Fully functional "pilot" system opened for use by the NSI community 
in time for the December, 1991 AAS Conference. 

• Recorded roughly 100 user sessions in its first month of operation; 
usage grew to 480 sessions in January, 1992. 

• Over 740 user sessions recorded in February 1992. 

• First phase of operational testing now considered as completed suc- 
cessfully; system now ready for additions to become true Version 2 
of NONA. 

— The old version running on DFTNIC was taken off-line for the last time on 
February 10, 1992. 
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The NSI Online Network Aide (NONA) 

Changes from First Version 


• Now running on a newer, faster host dedicated only to NSI 
support. 

• Uses improved driver software for faster response to user 
input. 

• Features user tracking that is both more comprehensive and 
more transparent. 

• Driver modifications allow simpler formatting of text files. 

• User messages & problem reports now routed directly into 
the NIC's Help Desk Email. 


The NSI Online Network Aide (NONA) 

What We Offer Now (Version 2 beta) 


• "Hot News" about NONA, the NSI, or other items of importance. 

• Instructions on using NONA. 

• Info About the NSI and Other Nets 

— What Is the NSI? 

— NSI Program Objectives and Management 

— Acquiring NSI Connectivity 

— Info about the Internet and other nets (BITNET, THE net, USENET, etc.) 

• NSI Personnel for Additional Help 

— How to contact the NIC and NOC 

— Points of contact at individual NASA and ESA centers 

• Help Files and Info 

— Automated Email matrix and dictionary of networking terms St NASA acronyms 

— Information St Instructions for the NSI File Cabinet 

• Problem Reporting/Message Box Mechanism 

— Send, flagged Email meaaagea to the NSIHELP account and notifies NSI USO staff 

• Transparent "Quick Connects" to SPAN-NIC & NICOLAS 
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The NSI Online Network Aide (NONA) 

What We Offer Now (Version 2 beta) 


HOW IT WORKS 


• Menu-Driven Navigation 

— simply choose desired option by number 

— plain English instructions for all steps 

— help for each menu available with "H" or "?" 

• Can Leave At Any Time 

— from any menu, Q (quit) or X (exit) will log you out 

— when reading files, Q or X return you to the menu you came from 

• Forgiving Environment 

— plain English error messages 

— available commands always on screen 

— can scroll text backwards one screen at a time 

— can refresh text displays with "R" 

— designed for VT100 "lowest common denominator" 

— designed to "fail gracefully" in worst-case scenario 


The NSI Online Network Aide (NONA) 

The Next Step: From "2 beta" to "Version 2.0" 


• More & Better Information About NSI, such as: 

— Improved description of levels of service and usage guidelines 

— New information about USO, OPS, ENG, and SNP groups 

— All current information updated (e.g., project charter & organization, 
staff, etc.) 

— Better description of how NSI differs from ’The Internet" 

• More User Options, such as: 

— White Pages interface 

— Transparent access to specific on-line resources (e.g., NSI File 
Cabinet, OMNETs "Lists", PI-NET, etc.) 

— Addition of NICOLAS* wide-area functions (whois, finger, nslookup, 
BITNET lookups 

• Inclustion of SPAN_NIC Data Base 

— Completes inclusion of all SPAN_NIC offerings 

— Old system will be taken off-line when done 

• More Information About Other Networks 
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The NSI Online Network Aide (NONA) 

The Next Step: From "2 beta" to ’’Version 2.0" 


What You've Said So Far~ 


• So far, responses on the "NONA Futures" question- 
naire, items in the NONA message box, ana general 
Email indicate that the NSI user community wants 
further emphasis placed on: 

— expansion of the Email matrix 

— more information about other networks 

— more up-to-date NSI information 

— wide-area lookup functions (whois, finger, et aU 

— direct access to contents of the NSI File Cabinet 


The NSI Online Network Aide (NONA) 
Future Growth: Steps Along the Way 


• Growth of NONA will be baaed on liaer requiremantg 

• Possible Additions, 6 Month Timeframe: 

— New complete "branches" of 8NP and NOC Information (contacts, 
charter, offerings, etc.) 

— User registration for personalised interaction 

— N8R and RF8 status 

— Expansion of Email matrix 

• Possible Additions, 12 Month Timeframe: 

— New "forum" or QAA segments k la "Ask Harry" 

— Ability for users to request specific information files for delivery 

— Add ARCHIE interface 

— Add U8R and Trouble Ticket status 

— Full Interactive access to N8I File Cabinet 

— Improved ties to other on-line resources (eg., ALEX) 

• Possible Future Additions 

— Map of current NSI link status 

— Continual improvement of ties to other on-line systems 

— Real-time delivery of requested files 
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The NSI Online Network Aide (NONA) 

Our Overall Goal: "Systemus Maximus" 


• The following ueer-oriented capabilities are all considered part 
of an "ultimate** system: 

— Serves as Universal interface" for NSI on-line offering (e-g-» White and 
Yellow Pages, ALEX, etc.) 

— recognises and reproduces user's environment (X windows, text only, etc.) 

— offers both "power user" (command line) and menu-driven interfaces 

— provides for real-time contact with human operator 

— provides a "guided tour" of Itself 

— registers users to personalise Interaction and build contact data base 

— utilises "knowbot" or other Expert System/Artiftcial Intelligence approaches 
to help anticipate users' needs white easing access to Information 

— allows users to browse contents of the NSI Fite Cabinet 

— provides on-demand delivery (via appropriate method) of all documents and 
information available on-line 

— utilises graphical displays where possible 

— utilises multimedia mail (voice, video, and text) for user-to-staff contacts In 
real time 


How Do I Get to NONA? 


via TCPIP: telnet nsinic.gsfc.nasa.gov 
Username: NSINIC 

via DECnet: SET HOST NSINIC 
Username: NSINIC 


INI' 
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WHO YOU GONNA CALL? 


NSI Network Information Center 


Code 930.6 

Goddard Space Flight Center 
Greenbelt, MD 20771 

301-286-7251 

(FAX) 301-286-5152 

nsihelp@nic.nsi.nasa.gov 

nsinic::nsihelp 


The NSI Online Network Aide (NONA) 

Selected Foreign User Sites, 1992 


Ben Gurion University, Be er Sheva, ISRAEL 
DFVLR Oberpfaflenhofen, Weseling, GERMANY 

Danish Computer Centre for Research and Education, Lyngby, DENMARK 
ESA Villafranca Satellite Tracking Station, Madrid, SPAIN 
ESA ESRIN, Rome, ITALY 

Eindhoven University of Technology, Eindhoven, HOLLAND 
Institut d’Astrophysique de Paris, Paris, FRANCE 
Japan INET, Kyoto, JAPAN 

Korea Advanced Institute of Science and Technology, Seoul, KOREA 
Max Planck Institut fuer Kemphysik, Heidelberg, GERMANY 
Max Planck Institut fuer Plasmaphysik, Garching, GERMANY 
McGill University, Toronto, Ontario, CANADA 
Observatoire de Paris-Meudon, Meudon, FRANCE 
Rutherford Appleton Laboratory, Chilton- Didcot, ENGLAND 
Technion University, Haifa, ISRAEL 
Tel Aviv University, Tel Aviv, ISRAEL 

Universidad Nacional Autonoma de Mexico, Ciudad de Mexico, MEXICO 

University Brunswick, Braunschwieg, GERMANY 

University of Alberta, Edmonton, Alberta, CANADA 

University of New Brunswick, Saint John, New Brunswick, CANADA 

University of Saskatchewan, Saskatoon, Saskatchewan, CANADA 

University of Tubingen, Tubingen, GERMANY 

University of Waterloo, Waterloo, Ontario, CANADA 

York University, North York, Ontario, CANADA 
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The Directory: What is X.500 


<? 




• A (potentially global) distributed database. 

• Optimized for data searching and listing. 

• Not necessarily as consistent as a true database system. 

• An international standard for provisioning of 
directory services. 

• A floor wax and dessert toppings, all in one! 




Ate Ym, N+mork Strmtm Dmabpmtmt Otm? M/£ 233 - It 



| 

1 X.500 Model 


i 



DSA Directory System Agent 

DUA Directory User Agent 

DAP Directory Access Protocol 

DSP Directory System Protocol 




Ate Ym, Ntet Swwicm Oterippw—M Od^M/S 23311 
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X.500 Access 


Referrals 


Only when DUA can 
connect to both DSAs 
(network topology or 
protocol problems may 
prevent this). 



IV 

Art* Ym, N*wmk S m a i Dmmtopmmt Cnwp M/S 2JJ1I 


? 

X.500 Access 


Chaining 



• May be requested (advisory) 
or refused (actual) by DUA. 

• Application layer gateway 
service. 

• Chaining and referrals may 
used in combination. 

• Mostly transparent to the 
user. 


Art* Ym, Nmwerk Smvkm D— fayrt On? M/S' 2JJ I J 





What's in the Directory? 


Data is organized in a Directory Information Tree: 



tea 




- w -“ — - > -trrrTtr 
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What's in the Directory? 


Entries 


• Every vertex and leaf node is an entry. 

• Entries are made up of attributes. 

• Attributes have types and values. 

• Entries have object classes which determine the 
attributes for the entry. 

• Attributes are frequently multivalued and always 
ASN.l encoded. 

• Attributes and object classes have unique 
identifiers (OlD's). 


fthrVa.N— rtSg«o»n» lipml GmyX/SrUS-M 


What's in the Directory? 


Entries (continued) 


Entries each have a Relative Distinguished Name (RDN), 
which differentiates them from other entries. 

The RDN is made up of selected attributed) from the 
entry - depends on the object classes. 


An entry is uniquely and globally identified by its 
Distinguished Name - the ordered concatenation of 
the RDN's for the entry, starting at the root. 

c=US@o=NASA@ou-ARC@cn=Peter Yee 


Pm t Ym.Mmrk inw Dm ilip i (Gwp Mffi Ul-U 
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QUIPU - EDB Format 
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uaa(f*uwr«- (C*TTTi?*P/ 40NQF 
Mil* )«a\49atUa.tri.uaa.«av 4\ 


drink* aa a alau mlfcefcake 

1233/240 

ytoete- (Plli) 

Mima r» a»O Wa Hhtlnl toraMutlaa an4 > >a aa Mi inlatrat iartf ou*Mee H aa aarth Can terfen* John Yin 
a a ir a tafy e*OMe*ltat Lena 1 tonnautlta uW Maa MiUilitraUanlau-toaa lamriti \ 
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audie- (flLI) 

•al* fraui * MVIIRatianal laranautlai and Ipa aa MiUilatritlenlcnaiaiuyar I writ* I entry 4\ 

•all • write 4 aatry 4\ 
ethers 4 rail t entry 4\ 
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•ell I write 4 default *\ 
ether a 4 reed » default 4\ 
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304 4e4 1334 Ia30et0033l(343t 103304374437200 


Pdm Ym, Nmwork Smvum Duemiopmmt Group M/S: 233-24 


1 

Manipulating the Directory Service 

Service Primitives 

• 

Read 

• 

Add 

• 

Delete 

• 

Modify 

• 

Compare 

• 

Search 

• 

^ - - 

ModifyRDN 

^ fW Ym, Newark Smvkm Dombpmm d Group M/S 233-14 = SSI M - 
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Manipulating the Directory 


Other Functions (DUA supplied) 

• Bind 

• Unbind 

• Move 

• Quit! 


Pwt& Ym, Network Srtaoa D mmlo jm m t OowpM/S 2J3-1J 
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QUIPU - Data Storage 


• Entry Data Blocks (EDBs) used to hold data. 

• EDBs are collections of all entries residing at a single 
level beneath the same point in the DIT. 

• Replication works on a whole EDB (single level). 

• May be copied between DSAs to enhance performance. 

• Completely loaded into core memory during startup. 


M/S 2JJ-1# 
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QUIPU - Extensions 


Replication 


- Not available in 1988 standard (in 1992 standard). 

- Two schemes supported through use of QuipuDSP 
and IntemetDSP application contexts. 

- QuipuDSP copies ED8s in a single chunk. 

- IntemetDSP uses bite-sized chunks to improve 
reliability in flaky nets. 




Pmw Ym, Ntfwert Swwkm Dr — bjumi OmjtM/S.’ 233-1# 
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QUIPU - Extensions 


• Access Control 

- Directory Standards specify how to authenticate users. 

- Don't specify how to manage user access. 

- Currently only simple authentication supported. 

- Strong authentication soon (but may not be in this country). 

- QUIPU defines ACLs (Access Control Lists) for specifying 
which service primitives may be applied to which 
attributes and by whom. 

- Search ACLs limit the extent of information retrieval - 
prevents DIT "trawling." 


Artr Ym, rl S mwm m Dmmbjmtmi Cemtp M/S 2JJ-2J 


QUIPU - Extensions 


• DSA Maintenance 


- Orderly DSA shutdown. 

- DSA Information collecting. 

- Disk/Memory Synchronization. 

- Entry Locking. 

- Replication Control. 

- Data Dump. 




393 


QUIPU - Extensions 


• Knowledge Information 


- Allows a QUIPU DSA to knew which entries it holds. 

• Allows a QUIPU DSA to find entries it does not hold. 

- Allows a QUIPU DSA to contact other DSAs. 

• Knowledge Information is contained within 
the directory (neat trick!) 


Pmm Ym, Ne wark Stm Dmubpmmi Owf M/S 233 1# 
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Mastering of Information 


Because all sibling entries are stored in a single EDB, they 
are gH mastered by the DSA holding that EDB. 

- This is a limitation of QUIPU, but it simplifies 
operations greatly! 

Thus, all organizations within a country are mastered by a 
single DSA, for example. 

- Requires cooperative maintenance. 

- Newer versions of QUIPU allow DSA information 

to be mastered by the DSA itself and shadowed by the 
DSA above it. 

- Confusing! 


fw rat. Hrmwk Sm Crwmf M/S ZU-II 
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Shadowing of information 


• Means DSA keep a copy of data that the DSA does 
not master. 

• Done for speed and robustness. 

• Typically applies to levels above the DSA in question 
(but could be lower). 




Ate Ym, Nrtvort SmrvKm D—bpmmt GtrmpM/S: 233 -]* 
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QUIPU - Information Storage under UNIX 

Uses UNIX directories to recreate DIT hierarchy. 


• For example 

base directory: /usr/etc/quipu /iguana 
• root of DIT stored here 
C=US: /usr/etc/quipu/iguana/c=US 

0=NASA: /usr/etc/quipu/iguana/c=US/o=NASA 
OU=LeRC: /usr/etc/ quipu /iguana/c=US/o=NASA/ ou=LeRC 

• This can make for very long path names! 

• EDB for data under each vertex of the tree stored in its 
corresponding UNIX directory. 

• Same for EDBs containing leaf entries. 
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QUIPU - Information Storage under UNIX 


Remember, though, that the entry information for each 
vertex is found in the EDB located one directory above 
the vertex directory! 

- Information on ou=LeRC is found in the 
EDB residing in 0=NASA. 

- Information about LeRC personnel is found 
in the EDB residing in OU=LeRC. 


fW Ym. N<wt Sna Dmabfmmt Oaf lU/i lil lt 
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QUIPU - EDB Format 


• 1st line: MASTER or SLAVE. 

- Indicates if EDB is original or copy. 

• 2nd line: UTC timestamp 

- Used to control replication. 

- Updated every time am entry in the EDB is 
added /deleted /modified . 


PmmYM.N*mcrtS*w*mT\miYr mlCw pM/S WH 
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QUIPU - EDB Format 


• Entries represented by consecutive attributes and 
separated by blank line. 

• Attributes are written as: 

Type =Value 

- Type is attribute type (in string form, not usually as an OID). 

- Value is as appropriate for the attribute's syntax. 

- Special value tags of 

{ASN} - ASN.l encoded value in hex string format. 

(FILE) - external file reference. 

(CRYPT) - value is encrypted by a one-way hash function. 




QUIPU • EDB Format 


• First attribute is the one used to make the RDN. 

• Multivalue attributes may be on separate lines or 
joined — it does not matter. 

• Object class attribute determines what other attributes 
an entry has: 

e.g. Person must have a name (really a "common name" 
and surname). 

Defined in the oidtable.oc file. 


Hm Ym. NM>1 Smvkm Om+rmmd GnufMJS: 23S-U 
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QUIPU - EDB Format 


<? 
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UitfMifii^y- iawtl lirnnr I ■ ■ «nd 4 «m A*Uniitr«t ion 

UltAMiflWTlM- M Oct 2 02 1 2 S iO) 1911 
rr t r ( 004 ) 044-2210 

UKInia4a4ni44im* fW, 0001, yn-nul. 

r-nrn ir 1I92C/144 

in* l4*rWml 

in- ftaul AltrbiMl 

•b)MtCUaf * 9 M(M 1 4 ^llMNfMr 4 ftlruObjMC 4 thMiiGh]»<t 4 ttonOirwi 
in- Kit by Mtott 

lntM4llU«r KIHUtimi Aeronaut lii *n4 tpaoo A4oinlatratl«nie»^Una«ar 
laimoOUtarfTino- m+4 Oat 2 02; 25 >01 1*91 
t«lifh>n»ihp (004) 044-2011 

tuUMMOAaOirMl- i-uaa, i^d-tilm ll, pm+*l*ri. orynaia, ou-1 1001 , fn-katby. waMett 

•a- AHatt 

•n- Kathy Allot t 

in* Kathy M. Allot t 

•OJutClaai— toy 4 *•**•* 4 ollocForion 4 quipu<»)*«t 4 Chom04)*et 4 thomOariin 



^^““ S== 

Running Your Own DSA 

• Obtain software 

- from uu.psi.com, via anonymous FTP 

- from Peter Yee 

• Build software 

- instructions included 

- assistance available from Peter Yee 




• Install 

- configure support files 

• Obtain upper level data 

- ask that Peter Yee person 

• Obtain and convert local data 

- roll your own (no standard data format available 
within the agency). 

- sample conversion programs available from previously 
mentioned individual. 


/W Ym, H^twork Srmm Dtmbfmmt Om? M/S 2JJ1I 
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Running Your Own DSA 


• Read the nice, thick QUIPU manual. 

- Really should do this first 

- Copy included with software. 

-TeX 

- Postscript 

• Take X-Td course when available. 

- An in depth tutorial on QUIPU by its authors. 

- Currently only offered in Great Britain. 

- May be at Spring InterOp " 92 . 

• In the meantime, visit the X.500 demo. 

- Try out different DUA's on different platforms. 

- Give Greg Brown a hard time! 


fW Ym, Mw » Strmm Gnu? M/S. ZJJ-1* 


Reading List 


• The Directory-Overview of concepts, models and service, 
(ISO/IEC 9594-1, CCITT Recommendation X.500) 

• The Little Black Book: Mail Bonding with OSI Directory 
Services, 

Marshall T. Rose, Prentice-Hall, 1991 ISBN 0-13-683210-5 

• ISODE Manuals 

Volume 5, approx 300 pages all about QUIPU 

• The Directory-Selected attribute types 
(ISO/IEC 9594-6, COTT Recommendation X.520) 

• The Directory-Selected object classes 
(ISO/IEC 9594-7, CCITT Recommendation X.521 


GmpM/ScUM* 
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Support Information 


PETER YEE 
MS 233-18 

NASA Ames Research Center 
Moffett Held, CA 94035-1000 
(415)604-3812 
(FI'S) 464-3812 

SMTP: yeeOamesarcjiasa.gov 

X.400: / g=peter/s=yee/ o=nasa/prmd=arc/admd=telemail/c=us/ 
X.500: c=US@o=National Aeronautics and Space Administration® 
ou=Ames Research Cen ter®cn= Peter Yee 


Ym.N*wmkS-mm Qm+jmmi G—yA^llU-H 






GUIDELINES FOR 
IMPROVING SYSTEM SECURITY 
ON VMS SYSTEMS 


NSI User's Working Group (NSIUWG) 


April 2,1992 


Ron Trnncm\ 

NSI Socurty M«mg*r 


COMMON VULNERABILITIES 


• IMPROPER PASSWORD PRACTICES 

- Password-Username 

- Default Accounts 

- Trivial Passwords 


• ACCOUNTING NOT RUNNING 

- VMS 

- X.25 


• IMPROPER FILE/DIRECTORY PROTECTION SCHEMES 

- World Readable/Wrrtable 
• Permits Trojan Horses, Worms 




PRECEDING PAGE BLANK NOT FUMED 
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IMPROVING SYSTEM SECURITY 


EQUIPMENT SECURITY 

• LIMIT COMPUTER ROOM ACCESS 

• LOCK SYSTEM AND WORKSTATION CONSOLES 

• LOG OFF UNATTENDED TERMINALS 

• LOG OFF UNATTENDED NETWORK CONNECTIONS 



r 


IMPROVING SYSTEM SECURITY 


ACCOUNT M ANAGEMENT 


• ACCOUNT REQUEST FORMS 

• ONE PERSON PER USERNAME 

• DEACTIVATE ACCOUNTS UPON USER 

TERMINATION OR TRANSFER 

• EFFECTIVE USE OF UIC-GROUPS 

• ACCOUNT UAF RESTRICTIONS 

- TIME OF DAY 

- LOGIN-CLASS 

- CAPTIVE/RESTRICTED 

- DEFAULT CLI 

- CUSTOMIZED DCLTABLES 

- CPU TIME AND ACCESS TO BATCH QUEUES 



405 





406 


9 


IMPROVING SYSTEM SECURITY 


SECURITY/AC CESS CONTROI S 
BREAKIN DETECTION 


• SYSGEN /LG I PARAMETERS 

• VMS AUDIT COMMANDS 


$ SET AUDIT/ENABLE=BREAKIN=ALL 
$ SET AUDIT/ALARM/EABLEsLOGINsNETWORK 
$ REPLY/ENABLE=SECURITY 
$ SHOW INTRUSION 



IMPROVING SYSTEM SECURITY 


SfiCURITY/ACCESS CONTRA § 

FILES, OBJECTS AND DEVICES 

• UIC-BASED PROTECTION 

- DEFAULT SHOULD BE (W:NONE) 


• ACCESS CONTROL LISTS 

- MONITOR ACCESS TO SENSITIVE FILES 

- ALLOW/RESTRICT ACCESS TO RESOURCES 

- CONTROL EXTENT OF ACCESS BY NETWORK USERS 
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VAX/VMS V5 4 on node FOOBAR 14-SEP-1992 09 41:39.09 Uptime 1 23:12:59 


Pid 

20600200 
20600201 
20602002 
20600206 
20600207 
20600206 
20600209 
2060020A 
2060020B 
2060020F 
20600211 
20600212 
20600214 
2060 203B 
20600217 
206004 4 F 
20602051 
2060106D 


Process Name 

State 

Pn 

I/O 

CPU 

Page fits Ph. Mem 

NULL 

COM 

0 

0 

0 07:01 45.32 

0 

0 


SWAPPER 

HIB 

16 

0 

0 00:01 24.32 

0 

0 


PERIDOT 

LEF 

14 

354 

0 00:00:01.00 

1192 

769 


ERRFMT 

HIB 

8 

4258 

0 00 00:09 28 

73121 


CACHE SERVER 

HIB 

16 

930 00:00 00 16 

60112 


CLUSTER SERVER 

HIB 

9 

720 00 00:03.27 

119 

308 


OPCOM 

LEF 

14 

4687 

0 00 00:14 49 

6001 

235 


JOB CONTROL 

HIB 

9 

55765 

0 00:03:06.67 

200 

351 


CONFIGURE 

HIB 

13 

280 00:00:00 09 

101 

150 


SYMBIONT 0001 

HIB 

9 

674 

0 00:00:02.93 

5016 

76 


NETACP 

HIB 

10115381 

0 00:07:05.26 

1146 

1066 


EVL 

HIB 

4 

365212 

0 00:07:11.38 

353897 

140 

N 

REMACP 

HIB 

9 

2934 

0 00:00:03.13 

98 

89 


DSMITH 

LEF 

4 

1369 

0 00:00:09.04 

5295 

336 


SERVER 24120 

LEF 

14 

956 

0 00:00:05.79 

4397 

282 

N 

OPERATCR 

LEF 

14 

4101 

0 00 00:15.62 

8251 

276 


BLAKE 

LEF 

4 

334 

0 00:00:02.29 

964 

339 


SERVER 1060 

LEF 

14 

1952 

0 00:00:03.96 

2390 

290 

N 




C NETSERVERSTIMEOUT ^ 


* Length of time "server” processes live after object termination 


RECOMMENDATION 

SDEFINE/SYSTEM/EXEC NETSERVERSTIMEOUT "0000 00:00:00.01* 

• Each network connection in its own NETSERVER.LOG 

• VMS Accounting Record for EACH Network Access 

• Process creation each time a network object invoked 
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NETSERVER.LOG PROTECTION 
(Cont.) 



FAL V04-000 started axacunon on 9-MAY* 1990 13:50:39.57 
with SYSSNET . LARK : : *0-TENCATI * and 
with FALSLOG . 1 

Raquastad ftla aoctu oparaoon: Opan Fila 
Spacifiad fila: DECNETS : (FALJNETSERVER.LOG; 39 
DAP status coda of 4030 ganaratad 
Raquastad fila aocats oparaoon: Erasa Fila 
Spacifiad fila: DECNETS : [FAL1NETSERVER.LOG; 39 
DAP status coda of 4030 ganafitad 

Raquastad fila accass oparabon: Opan Fila 
Spacifiad fila: DECNETS : [FAL] NET SERVER. LOG. 38 
Rtsultant fila: DECNETS : [FALJNETSERVER.LOG;38 
Ftla accass was tarmmatad win DLT bit sat on doss 




USING FALSLOG TO ENHANCE AUDITS 



• UNDOCUMENTED FEATURE (Debugging?) 

• Inserts extended information into NETSERVER.LOG 

• Bit-mask (Best defined as a character string): 

Bit 0 - Enables logging of Filenamefs) 

Bit 1 - Enables generation of throughput statistics 

Bit 2 • Enables logging of DAP messages 

Bit 3 • Enables logging of xmit and recv AST completions 

Bit 4 - Enables logging of xmit and recv QIO requests 

Bit 5 • Reserved 

Bit 6 - Disables DAP message blocking 

Bit 7 - Disables DAP CRC error checking 

Bit 8 - 31 Reserved 



Examples: 

SDEFINE/SYS/EXEC FALSLOG 1 
SOEFINE/SYS/EXEC FALSLOG -3/DISABLE-8* 
(Disables ’poor man's routing*) 
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NETSERVER.LOG PROTECTION 

(Recommended Setting) 

[ - NETSERVER.LOC protected (S RWED, 0,C,W) -) 


$ DELETE ROBIN' :: NET5ERVER.LOC;* 

Error deleting ROBIN :: DECVETS : [FAL]NETSERVER.LOG^9 
Inruifiaant privilege or tile protection violation 


STYPE ROBIN NFTSERVERLOC 


Cornea request received at 9-MAY- 1990 16:02:07.51 
from remote process LARK :: “0-TENCATI 
for oCject “SYSSSYSROOT : (SYSEXEjFAL.COM- 


FAL V4 6-00 started execubon on 9-MAY-1990 16:02:07.95 
with SYSSNET - LARK : : - 0-TENCATI • and 
with FALSLOG - 1 

Requested file acoess ooeraoon: Open file 
Specified file DECNETS [FAL]NETSERVER.LOG;69 




DEFAULT DECNET ACCESS 


Dtreaory ROBIN : : DECNETS (FALJ 



LOGIN COM. 32767 
SPANLOG.COM.32767 


NETSERVER.LOG^ NETSERVER.LOG;! NOOEINFO LIS.32767 
STC BAK .32767 STC046.A .32767 


Total of 7 files 

$ TYPE ROBIN : : NETSERVER.LOG 

Connect request received at 3-MAY* 1990 14:16:41.46 

8W3W M: 

I - - Addioonsi lnk*m*oon Provrd^ by FALSLOG - -j 



FAL V4. 6-00 started execution on 3- MAY- 1990 14:16:45.19 
with SYSSNET . LARK : : “0-TENCATI - and 
with FALSLOG. 1 

Requested file access operation: Directory List 
Specified file: TV 

Resultant file: DECNETS : (FALJLOGlN.COM;32767 
Resultant file: DECNETS : [FAL1NETSERVER.L0G2 
Resultant file: DECNETS : (FAl|nETS€RVER.LOG; 1 
Resultant file: DECNETS : [FALINOOE INFO.LIS;32787 
Resultant file. DECNETS : [FAljSP ANLOG.COM ;32767 
Resultant file: DECNETS : [FALJSTC. BA K 32767 
Resultant file: DECNETS : [FALJSTC046>32767 


FAL tarrr.nated execution on 


3- MAY-1990 14:16:47.16 
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POOR MAN’S ROUTING 

(CONT) 

[ - - FALSLOG Set to "1 /DISABLE - 8 m on Robin - - ] 


(FROM LARK): 

SDIR ROBIN : : EAGLE : : V; - 

%OIRECT-E*OPENIN, Error opening ROSIN : : EAGLE : * Vas input. 
• RMS-F-NOO, Error in nod* name 
JTYPE ROBIN : : NETSERVER.LOG 


Connect request received at 9- MAY -1990 13:19:31.44 
from remoi* process LARK: : "0-TENCATl 
for oOjeci -SYSSSYSROOT : [SYSEXEJFAL.COM- 


FAL V4 6-00 starred execuoon on 9-MAY- 1 990 13:19:31.44 
with SYSSNET - LARK : : “0-TENCATI * and 
with FALSLOG • 1 /DISABLE -8 


Request fHe access operation: Directory List 
Specified file: EAGLE : : \ V 
DAP status code of 4066 generated 
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SELECTED DECNET/DAP STATUS CODES 


DAP CODE 


Corresponding VMS Error Message 


Error in Device Name or Ina p prop ri ate Device... 

Error in Directory Name 
Directory Not Found 
File Locked by Another User 
File Not Found 

Insufficient Privilege or File Protection Violation 
Invalid Channel {Poor Man's Routing Attempted /Disabled) 
Syntax Error m Filename 


Related to Sending Mail Aaoes Node 


Tile Access was Terminated with No Bits Set on dose** 
Tile Access was Terminated with DLT Bit Set on Close" 




TASK-TO-TASK COMMUNICATION 

LOCAL NODE REMOTE NQC 


% Copy NETOCL.COM Remote:: ■ 

$ Type Remote::~0*NETDCL" 

$ OPEN/WRfTE Unfc Remote ::“0*NCTDCL" 

fWRfTE Link «DCLCMCh» 

$RCA(VEND»Oone Link Data 


{METACP) 

V Process Creation 


N 

: . fal 

E 

, *1 Object 

T 

* t 

s 

E 

R 


V 

E 

' TASK * 

R 

* Object 


{DECNET1 

NCTDCLCO 


REMOTE ' 
L EXECUTION 


Sys$Output: * Sys$N«t: 









USING SEPARATE OBJECT USERID’S 


• Each object gets its own VMS accounting record 


• Objects can be assigned identifiers for use in ACL's 


• Removal of use rid/pass word from Executor database 

• Define each object with NCP: 

Example: 

NCP»D€F1NE OBJECT FAL USER FAL OBJ PASSWORD XYZZY 
NCP*0€FINE OBJECT MAIL USER NETUSER PASSWORD PONEYEXPRESS 


• A configuration option under V5 2 and higher 
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DECNET OBJECT DATABASE 

Known Object Volatile Summary as of 2-MAY-1989 20:21 :13 


Object Number 

FUe/PID 

Ueerld 

Peeeword 

$M0M 

0 

SYSISYSTE MMOM.COM 

DECNETUSER 

DEFAULT PWO 

SN CONFIG 

0 

SYSSS YSTEM:NCONFC COM 

OECNETUSER 

DEFAULT_PWD 

IT ASK 

0 

SYSIMANAGE RrTASKLOG.COM 



SMtSERVER 

0 

2020006C 

NETNML 

RESTRCTSACCESS 

TASK 

0 

SYSIMANAGERrTASKLOG.COM 



FAL 

17 

SYSSSYSTEMrFAL.COM 

FAL 

FAL USE PWO 

HLD 

ia 

SYSSSYSTEMrHLD.COM 

OECNETUSER 

DEFAULT" PWO 

NM. 

19 

SYSSSYSTEMrNML.COM 

NET_NML 

RESTRCTSACCESS 

RE MAC P 

23 

20200094 



MIRROR 

25 

SYSSSYSTEMrMIRROR.COM 

OECNETUSER 

DEFAULT.PWD 

EVL 

26 

20200092 



MAIL 

27 

SY SSS YSTE MrMAtL SERVER.EXE 

NETMAIL 

BILL COLLECTOR 

PHONE 

29 

SYSSSYSTEMrPHONE.COM 

PHONE 

BUSYSSIGNAL 

DOMF 

30 

SYSSSYSTEMrDOMV.COM 

DECNETUSER 

OEFAULT.PWO 

CTERM 

42 

20200094 



VPM 

51 

SYSSSYSTEMrVPM.EXE 



SPMSREMOTE 

60 

SYSSSYSTEM.SPMSCOLLECT.EXE 



DTR 

63 

SYSSSYSTEM.DTR.COM 



FINGER 

117 

FINGERSOIRECTORYrFINGER.EX 

NET_F INGER 

ALLSTHUMBS 
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LOGGING NETWORK CONNECTIONS 

• Provide* hardcopy proof of connection 

• Easier monitoring of DECNET activity 

• Suggeeted Implementation*: 

• SSET AUD(T/ALARPA€NA8LE-LOGW-N6TWORK 
(EmcaM with SECAUDrr.COM) 

Make an LG CM) flla aaen obpa "u ear runs: 

$Uaar - FSLogicai rSYS$ftEM_0“) 

Inoda - F (Logical (*SYS$REM JJOOE”) 

$Raquast/To - Network * 

"Network Connact From Node'NodeUserUeer’* 


NETWORK AUDIT TRAILS 


S SET AUDTT/ALARM/ENABLE-LOGIN-NETWORK 


%%%%%%%%%% OPCOM 3-MAY-1990 1025:00.51 %%%%%%%%%% 
Security Alarm on MYNODE / Network Login 

Time: Q3-MAY-1990 1025. -00. 46 


Time: 

pn> 

User Name: 
Source: 


00001 F65 
NET FAL 

5.143 EACLE:TENCATI 


UAF > MODIFY NFT.FAULGICMD-NFr.LOC.COM 
NGP> SET OBJECT FAL USER NET JAL PASSWORD 


%%%%%%%%%%* OPCOM 3-MAY-1990 10:25:03.74 %%%%%%%%% 
Massage from user NET.FAL on MYNODE 

FAL 13390, Network Connect From Node: EAGLE, Username: TENCATI 
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Sample Output From NETLOG.COM 



Start 

Ramol* 

Ramota 

Cormaet 

Local 

Raeard 

Dal* 

Tima 

Nod# 

Uaarid 

Tima 

Uaamama 

Typ* 

10- MAY-86 

07:53 42 

HAMLET 

2060012C 

00:0035 

NETMAIL 

Mail 

10- MAY-66 

07:53:54 

WRF 

DLINKERT 

00:00:53 

NET MAI 

Mail 

10-MAY-M 

07:53:27 

MARVAX 

OECNET 

003037 

FAL 


10-MAY-M 

06:00:31 

MARVAX 

DECNET 

0030:41 

FAL 


10-MAY-M 

07:56 03 

IF LAG 2 

00000422 

003637 

NETMAIL 

Mail 

10-MAY-M 

06:02:59 

JPLRAG 

OLSEN 

003139 

OLSEN 

<Logm» 

10-MAY-M 

06:03:25 

MARVAX 

OECNET 

003132 

FAL 

10-MAY-M 

06:05:25 

MARVAX 

DECNET 

003026 

FAL 


10-MAY-M 

06:26:36 

UCMBO 

21000094 

003026 

NETMA1 

Mail 

10-MAY-M 

06:36:50 

LAMPS 

KWAIGHT 

0030:19 

PHONE 


10-MAY-M 

06:36:40 

CASS01 

ooooono 

003429 

NETMAIL 

Mail 

10-MAY-M 

06:46:06 

J PL MAD 

PAULSON 

0030:16 

PHONE 


10-MAY-M 

09:04 45 

LOCK 

HACK 

003026 

NETMAIL 

Mail 

10-MAY-M 

09:06:06 

LOCK 

HACK 

0033:12 

NETMAL 

Mail 

10-MAY-M 

09:12:20 

DIRAC2 

KERR 

0032:56 

NETMAIL 

Mail 

10-MAY-M 

09:15:24 

ASD 

LEHMAN 

00:0021 

NETMAIL 

Mail 

10-MAY-M 

09:19:14 

EROSA 

SYSTEM 

0030:16 

PHONE 


10-MAY-M 

09:20:56 

JPLRAG 

SYSTEM 

003033 

NETMAIL 

Mail 

10-MAY-M 

09:21:26 

HAMLET 

20604126 

003026 

NETMAL 

Mail 

10-MAY-M 

09:32:19 

SWRI 

0000076C 

003034 

NETMAIL 

Mail 

10-MAY-M 

09 46:21 

JPLSP 

BGOLDSTEIN 

0033:44 

NETMAIL 

Mail 

10-MAY-M 

09:31 57 

CYCLOP 

00001D9C 

00:3022 

NETMAIL 

Mail 

10-MAY-M 

1 1 52:39 

NSSDCA 

CROMP 

00:00:44 

NETMAIL 

Mail 

10-MAY-M 

15 23 39 

LHEAVY 

000004 AA 

00:00:46 

NETMAIL 

Mail 
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IMPROVING SYSTEM SECURITY 

IMPROVING SECURITY - GENERAL 

• USE PASS-PHRASES 

• REQUIRE PASSWORDS ON ALL ACCOUNTS 

• ONE ACCOUNT PER USERNAME 

• GENERATE AUOfT TRAIL (ACCOUNTING) DATA - REVIEW QAA.Y 

• INSTALL PATCHES AS THEY BECOME AVAILABLE 

• RUN SECURITY TOOLKIT* SOFTWARE 


UNIX: -COPS* VMS: *SPAN TOOLKIT* 
• REPORT INCIDENTS WHEN THEY HAPPEN 
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IMPROVING SYSTEM SECURITY 
IMPROVING SECURITY - VMS 

•NO TASK OBJECT 

• SEPARATE USEROS FOR DECNET OBJECTS 

• USE NETSERVERfTlfcCOUT AND FALSLOG TO ENHANCE AUOfT TRAILS 

• USE ACCESS CONTROL LISTS 

• RESTRICT FTP TO PARTICULAR DIRECTORY 

• USE PSLSECURfTY TO FILTER X.2S CONNECTS TOFROM VALID DTES ONLY 






INCIDENT HANDLING 

• DO NQI REPORT NSI/NASA INCIDENTS TO THE •CERT* 

• USERS SHOULD REPORT ANY ANOMALY TO THEIR SYSTEM ADMINISTRATOR 

• SYSTEM ADMINISTRATORS SHOULD REPORT ANY SECURITY INCOENT TO THEIR 
DPFCSO 

• IF INCIDENT INVOLVES AN EXTERNAL SHE. REPORT IT ALSO TO NS I- SECURITY 
OFFICE. SECURrTY0NSINIC.GSFC.NASA.GOV 

• NSI SECURITY OFFICE ISSUES SECURITY BULLETINS TO NSI COMMUNITY VIA 
ROUT MG CENTER MANAGERS AND NASA A1S CONTACTS 
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IMPROVING SYSTEM SECURITY 

SECURITY MANAGEMENT TOOLS 

• NSI SECURITY BULLETINS 

• PASSWORD MONITORING/COMPLIANCE SOFTWARE 

• DECNET CONNECTION SUMMARY REPORT GENERATOR 
•PSI ACCOUNTING 

• PSI CONNECTION/USER SUMMARY REPORT GENERATOR 

• SPAN TOOLKIT 



LLNL SPI/VMS TOOLKIT 




UNIX* Security 


E. Eugene Schultz, Ph.D 
Lawrence Livermore National Laboratory 


3rd Annual NSIUWG Conference 
April 2, 1992 

* • UNIX la a raglatarad trademark of ATftT 


Major purposes of this presentation 


• To familiarize you with some of the major security 
problems In UNIX 

•To acquaint you with methods of making your UNIX 
system more secure, regardless of whether you are 
a user or system manager 
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About the security of the UNIX 
operating system 


• UNIX was designed for use In "trusted” computing 

environments 

• As UNIX has moved towards becoming a de facto 

standard, It is being used more in sensitive and 
classified computing environments 

• The UNIX kernel is secure, but the appilcations/utllities 

are often not 

• UNIX contains many security features, but they usually 

must be enabled 

• As new features are added to UNIX, security has 

become more difficult to control 


What really is the problem? 


* FACT - 90 percent or more of the Intrusions Into UNIX 
systems would never occur If two widespread 
problems were corrected 

- Weak passwords 

- Unpatched vulnerabilities 


1-4 
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Other causes of security problems 


• Improper permissions (especially file permissions) 

• Improper system configuration 

• Use of programs and functions that compromise 

security 

• Lack of security maintenance activity 

• Inadequate network security architecture 


Some dangers of an attacker 
obtaining root privileges 

With root privileges on a system an attacker can 

- Create new accounts 

- Disable any account 

- Read, write to, or delete any file on that system, 

regardless of any protections placed on that file 

• Intercept and read anyone's e-mail 

- Install trojan horse programs on that system 

- Delete any system accounting files (/etc/utemp, 
/etc/wtemp, usr/admln/lastlog) 



Some dangers of an attacker 
obtaining root privileges (continued) 


- Modify data (e.g., change value of pi to 3.4) 

• Kill any process that is running 

- Login to any other system that trusts the 

compromised host without using a password, and 
dotne same! 


UNIX Security 


Overview 

(Pass®/®!’®) 

File Protection 
System Configuration 
Vulnerabilities 
A Final Note 
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Passwords 



More UNIX Incidents start with 
because of poor or nonexistent 
passwords than any other cause! 


Evidence of password problems 


• In The Cuckoo’s Eqq 

• During the 1988 Internet worm attack 

• Intrusions into U.S. UNIX systems from Germany, 

England, Australia, The Netherlands, etc. from 
1987 -present 

• Intrusions into U.S. UNIX systems from overseas 

during Operation Desert Shield/Desert Storm 


1- 10 
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Evidence of password problems 
(continued) 


• Klein's study In 1990 showed that of a total of 
15,000 passwords In password files from 50 sites 

• 3% could be found by a password cracking 

program within 10 minutes 

• 21% could be cracked by this program In 1 

week 

- Approximately two-thirds of systems Involved 
in study could be compromised by at least one 
bad password 


How attackers obtain passwords 


• By guessing 

• By cracking password files 

• From bulletin boards 

- From e-mail messages and flies In compromised 
accounts 

• By social engineering— "con jobs” on unsuspecting 

users to obtain passwords 


1 - 12 


4 30 



"Joe" accounts 


Accounts with the same user name and password 


User = jabstar 
Password = jabstar 


Weak (easy-to-guess) passwords 


• Simple variations (e.g., rnjones, jonesrn, rjones, 

ronjones) or reversals of a username 

• Any word found in the English dictionary 

• Popular car makes 

• First names 

• Computer (and other) slang (e.g., guru, wizard, etc.) 

• Yiddish or Chinese words 

• Simple letter iterations (e.g., ababab) 


I- 14 
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Frequently found default passwords 


root 

dlag 

sysdiag 

sundlag 

maint 

sync 


Unpassworded accounts 

• Soma accounts have no password at all 

-Examples: root* and uucp 

- Frequent reason: convenience of users 

- Easy target for attack 

• If there Is no password for modem dial-ins, once an 

attacker has the dial-in number a system Is 
subject to multiple attacks involving different 
accounts 


•- 9om» but not UNOt lyalMW wtth an unpaMwwM ml mount 
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Choosing a sound password 


• Requires some Inconvenience on the user's part 

• Recommended methods 

- Short word + control character + short word 
unrelated to first, e.g., tie&shlrt 

• Mnemonic method-using first letter of each 
word in an easily remembered phrase, e.g., 
mctotslol (my Country tis of thee.. .sweet land 
of liberty) 

• Avoid using any password less than 7-8 
characters In length 


Checking for easily guessed passwords 


• Proactive approach— when the password Is set 

• Replace the procedure for changing the 
password to check for easily guessed 
passwords 

- Establish policy for setting the initial 
passworato something not easily guessed 

• Retroactive approach-at regular Intervals 

• Run a password checker on your system’s 
passwords 

- Prepare a policy for finding and changing 
easily guessed passwords 
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Checking for easily guessed 
passwords (continued) 

• Install password filtering tool (proactive) 

- npasswd (anonymous ftp to emx.utexas.edu) 

• passwd-f (contact MattBlshop@dartmouth.edu) 

• Commercially available tools 
OR 

• Use password checking tool (retroactive) 

• COPS (ftp to cs.purdue.edu) 

- CRACK (ftp to wuarchive.wust!.edu-ln vol. 25) 

- SPI (Security Profile Inspector) - send e-mail to 

tencati@nssdca.gsfc.nasa.gov 


Password aging 


Requiring users to change their password on a 
regular basis has some benefits and drawbacks: 

• Can flag and remove dormant accounts 

• Limits the utility of a stolen password 
BUT 

• Can drive users to choose weak passwords, 

since the user now has to invent and 
remember new passwords more frequently 
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Password aging (continued) 


• In some UNIX systems password aging can be set bv 
editing /etc/passwd 7 


value (In weeks) for password expiration 

• Some commercial security packages have password 

aging r 

• In "secure" SunOS systems, modify passwd.adjunct 

In /etc/security 
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Eliminating assessible password files 


" S Jf ur ?.“ ¥WS, on* 01 UNIX havs shadow password 
files (l.e., encrypted passwords are stored In a 
non-accesslble file) 

root: # ^1.:Whanvni«^^bln/c«h 

toflfci p mnm f 

/.aecirty, /stoescurtty or /uar/etc/securlty 
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Social engineering 


OmnICore le experimenting In online - high 
resolution graphics display on the UNIX BSD 
4.3 system and Its derlvltavea, But, ere need 
your help In testing our new product - 
TurboTetrls. So, If you are not too busy, please 

S out the ttstris game In your machine’s t Imp 
ectory. Just type: 


/tmprttatrls 


Because of the graphics handling and 
acreerweinltlallzatlon, you will be prompted to 
log on again. Please do so, and use your real 
password. Thanks for your support. You’ll be 
nearing from us soon! 


OmnICore 
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File protections 


• File protections determine who may 

- Read/write to and/or execute a file 

- Ust, create and search directories 

• An attacker may not need to obtain root privileges or 
break Into your account to get what s/he wants from 
your account If your file protections are not set 
properly 


File access modes 

$ Is -Ig anyflle 

flone *y» 2 May 1 1991 anyfHe 
other-read and writ# acoasa but no execute allow ad 
group-faad, wrlta and axacuta allowed 
owner-read, write, and axacuta allowed 
file typo- - shows this is a file 
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Directory access inodes 


$ Is -Idg mydir 



rw- 1 gene ays 512 May 1 1991 mydir 
other-list and create but no search 
group-list, create and search access 
owner-list, create and search access 


file type- d shows this Is a directory 


The "bottom line" of file protection 


• Anyone with access to your system can 

- Read/copy any of your world-readable files 

- Alter/delete any of your world-writable files 

• Run any of your world-executable programs 

• Plant trojan horse programs In your world-writable 
directories In your path 

• Threats to the system itself 

• World-writable binaries and system directories 
allow an attacker to modify the system 

- Readable restricted system files allow an 
attacker to discover other trusted computers or 
other privileged information 
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Setting the proper file permissions 

• In octal method of setting file permissions 

4 = read (or list in the case of directories) 

2 = write (or to add/delete files from a directory) 

1 = execute (or to cd Into a directory) 

so 761 -»» owner read-write-execute, group 
read-wrlte, and world execute only for a file 

• To change permissions so that you can 

read-write-execute, but group or world cannot 
read-write-execute 

$ chmod 700 anyfile 
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Setting the proper file 
permissions (continued) 


OR (symbolic method) 

$ chmod og-rwx anyfile (group and world now have 

no read-wrlte-execute 

access) 

• To recursively remove all read access for group 
and world recursively through your directory 
structure: 

$ chmod -R og-r (BSD systems only) 

OR 

$ find . -exec chmod og-r {) \; 
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Recommended file permissions 


• For user flies and directories: 

. Any file containing a password: mode X00 

- Hidden files: writable only by owner 

- Directories: writable only by owner, with ail files 
contained therein owned by user 

- If you are not sure, try mode 700 or 711 initially for 
executable files and 600 or 644 for non-executable 
files 
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Recommended file 

permissions (continued) 

• In general, only root needs to have write permission for 

system files 

• System files should be owned by system users 

• root directories (e.g., bin, dev, etc, mnt, usr, etc.) 
should not have aad/delete access by world 

• World should not be able to read-wrlte to memory, 

devices, spool directories, etc. 
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Recommended file 
permissions (continued) 


• netrc (contains login and initialization information for 

use by ftp's auto-login process) - should be readable 
only by owner 

• /usr/adm/utmp or /usr/adm/wtmp - mode 600 or 644 

• /var/adm/acct or /var/adm/pacct - mode 600 

• syslog, authlog, or similar files • mode 664 or 644 

(recommended directory mode is 700 or 755) 


umask 


• umask (in /etc/profile or .cshrc file) sets a mask on 

permissions for files and directories you create 

• sets limit on maximum permission values (octal) 

• 7 minus umask value = maximum sum of access 

permissions for each bit, e.g., mask value of 4 allows 
write (2) and execute (1) only 


$ umask (displays umask craatlon mask) 

$ umask 1 26 (prsvants ownar from axacuta, group from 

raad-axacuta and world from raad-wrlta aooasa) 

$ umask 077 (pravants group and world from raad-wrlta-axscuta 

acoaaa) 
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UIDs for processes 


• UID - user identification number 

• If a process needs to read, write or execute a 

certain file, the associated UID must have 
the appropriate access permissions 

• Real UID - the UID of the user who executes 

the process 

• Effective UID • the UID under which the 

process runs (with the same access 
permissions/ privileges as the owner of any 
accessed file) 

• Example - if user rcarr executes a setuid file 

owned by gene, the real UID will be rcarr*s, but 
the effective UID will be gene's 


GIDs for processes 


• GID - group Identification number 

• Real GID - the GID of the group that executes a 

process 

• Effective GID - the GID under which the process 

runs (with associated access permissions and 
privileges) 


1 - 3 * 
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SUID permission 

SUID - Sat user ID 

• When SUID permission Is set, all processes 
created from program will have effective UID of the 
owner of program 

• Effective UID may be different from real UID 

• chmod command used to set SUID permission 

$ chmod u+s any file OR chmod 4XXX any file (sets SUID 

permission) 

$ Is -lg anyflle 

- rwjrwxrw- 1 gene sys 2 Key 1 1981 anyflle 
the s replaces the xto show that the SUID permission Is set 


SGID permission 


SGID - Set group ID 

• When SGID permission is set, all processes 
created from program will have effective UID of 
the group associated with program 

• Effective GID may be different from real GID 

• chmod command used to set SGID permission 


$ chmod g+s anyflle OR chmod 2XXX anyflle 
$ la -!g anyflle 


(aets SGID 
permission) 


- rwxr-|r-x 1 gene sys 2 May 1 1991 anyflle 
the a replaces the xto show that the SGID permission Is set 
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The sticky bit 


• If the sticky bit on a directory Is set, only the owner of 
files In that directory can remove or rename those files 

• Applies to SunOS and some other BSD systems 

- Useful especially for /tmp directories (normally 
world- writable) 

$ chmod 1 XXX mydr OR $ chmod o+t 
$ Is -4dg mydlr 

drwxr-xr-i 1 gsns sys 512 May 1 1991 mydlr 
ths t replsceethe xto show that ths sticky bit Is sst 


setuid root files planted by intruder 


• Designed to allow root privileges to Intruder upon 

reentry into system 

• Often are hidden* (e.g., .xx, ... etc) 

• setuid root program might be /bln/sh 

• To find setuid root files: 

$ And / -user root -perm -4000 -print 


* - HMdan Km bagin •tth a parted 
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Recommendations for setuid 


• setuid root scripts 

• Your vendor can inform you which scripts need to 
run as root - other setuid root scripts should not 
be allowed 

- All setuid root programs should be in systems 

directories and should not be world 
readable-writable 

- /usr/bin/uusend and /usr/lib/ex3.7preserve should 

not be setuid root in SunOS systems 

• All setuid to user programs should be known to user 

• setuid files generally require only execute access 

$ chmod 471 1 any_setuid_file 
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Vulnerabilities 
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Ownership 

• /etc should be owned by root, not bln 

$ls -JFd /bin 

dnw-v -1 4 Mi tyrtam 3584 Jun 4 11:05 «te/ (this Is bad!) 

$ chown root /stc (now bln Is ownsd by root) 

• /dev/mem, /dev/kmem and /dev/drum 

• Should be owned by root and group kmem 
- Mode 640 recommended 

Sis -IFd /d«v/mem 

drwxr-xr-x 4 root kmem 4096 Aug 8 13:54 do v/ mom (this !• good) 

• All devices (except terminals*) should be owned by root 

• - Should bo owned by uoor until used logo out— then should bo ownsd by root again 


sendmail 

• alias, alias.dir and alias.pag in sendmail 

• Should also be owned by root 
- Should not be world writable 

• Remove decode alias from /etc/aliases or 
/usr/llb/aliases 
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System integrity 

• Inspect’ system programs, network daemons, and 

access control programs for trojan horse programs 

• telnet 

• /bin/login 
•tftp 

• su 

• cron** 

• at** 

$ sum /bin/login (compare to previous checksum) 

OR run integrity checking tool such as COPS 

• - Um checksum program kept offline 

- Any fUe referenced by cron and/or at should not be either 

1-45 


Trusted hosts files 

• Ensure Integrity of trusted hosts files (l.e. f hosts.equiv, 
hosts.lpd and .rhosts files) 

- Inspect names of systems (e.g., unauthorized or 
not In your domain) 

- + In these files allows universal access 
■ Files should not be world-writable 
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tftp 


• Secure tftp (trivial fila transfer protocol) 

• Disable tftp unless it is necessary (e.g., for diskless 
servers) 

$ g«t /atc/motd (N you gat a ra a po na a. /ate/paaawd la vulnarabla) 

- To disable tftp: delete or comment out tftp entry in 
/etc/lnetd.conf) 

• If you run tftp, run the most recent version (Berkeley 
version 5.60) and run it "secure** (-s option in 
inetd.conf in SunOS) 


anonymous ftp 

• Secure anonymous ftp (file transfer protocol) 

- (If possible) - have dedicated anonymous ftp server 

- Asterisk out password fields in -ftp/etc/passwd 

- Allow only group access In -ftp/etc/group 

• Directory protections: 755 (generally) 

• netrc (contains login and Initialization Information 
for use by ftp's auto-login process) - should be 
readable only by owner 
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Account management 

• Disable* unnecessary default accounts (e.g., sync) 

• For disabled accounts, change login shell from 

/bin/sh to /bin/false 

sys:*:2,2::/:/bin/false 

• Ensure that password file does not contain entries 

such as ::0:0:: 

• Recommendation— avoid: 

- Guest accounts** 

- Group accounts*** 

*- Re piece the pa— word with an af rimk 

— • If guest accounts must be used, assign a non-trivia! password, and di sable account 
Immediately after guest user leaves 

- If multiple users are to Neve root privileges, assign multiple accounts with UIO-O 


Other recommendations for 
system configuration 


• /etc/exports 

• Should specify only hostnames or netgroups allowed 

to mount partitions 

• access- must not be empty, or any host may mount 
file system 

- After editing, enter 

# exportfs -a (to ensure that changes are put into effect) 

• /etc/netgroup 

• Should specify only hostnames or netgroups allowed 

to mount partitions 

- Host and user fields must not be empty 
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About UNIX vulnerabilities 


• Older versions of UNIX generally contain more 
vulnerabilities 

• Your vendor can help you learn which specific 
vulnerabilities apply to the particular flavor and 
version of UNIX that you run 

• Patches may have undesirable side effects, 
depending on configuration 
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UNIX vulnerabilities can be 
exploited several basic ways 


• Authentication bypass or back doors 

• Compromise of passwords 

• Unauthorized use of functions/privileges 

• Disabling of protections 


sendmail vulnerabilities 

• Hole 1 - an attacker can gain root privileges and 
execute commands on a remote system 

— Exploited by Morris Worm 

- Fixed In recent versions of major UNIX operating 
systems (e.g. t BSD, SunOS, ULtrix, etc!) 

• Hole 2 - when used with .rhosts can allow attacker 
to gain access to a system without password 

- Present In SunOS 4.0.3, but fixed In version 4.1 
(BugID 1028173) 

- Fixed in recent BSD sendmail releases (5.61 - 

— Allows serious damage to be done to systems, 
especially If used in connection with .rhosts files 
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sendmail vulnerabilities (continued) 


• Hole 3 - an attacker can use this hole to overwrite 
critical system files (l.e. t /etc/passwd, crontab) 

• Other holes In older versions of UNIX, Including 
decode, which allows users to create any file to 
which daemon has access 


finger vulnerabilities 


• Hole 1 - allows a symbolic link to privileged files 
when finger Is run setuld to root 

- Fixed In SunOS 4.0.3 (BugID 1015128) and BSD 
4.3 Tahoe 

- Exploited by Morris Worm 

• Hole 2 - allows an attacker to flood the Input buffer 
with finger requests and subsequently gain 
unauthorized root privileges 

- Workaround - remove setuld from finger 

- Patch available from most vendors 
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finger vulnerabilities (continued) 


• finger is often used by an attacker to find other 
account names and home directories — can be used 
in connection with other vulnerabilities 


ftp vulnerabilities 


• Hole 1 - allows unauthorized root access when 
anonymous ftp is enabled on older UNIX 
systems 

- Patch available 

- Allows user to modify any file In system 
(including /etc/passwd) 

• Hole 2 - allows unauthorized file access (e.a.. 

/etc/passwd) * 

— Patch available 
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Other frequently exploited 
UNIX vulnerabilities 


• tftp - permits an attacker to remotely read any world 
readable file (including password file) 

- Patch available (tftp -d to specify a directory to 
chroot Into) 

- Workaround: disable function or replace with 
tftpbootd 

• /bin/mall - on ULTRIX systems, makes It possible 
for an attacker to create a shell with EUID=0 (root) 

• On Sun systems, FSIRAND function is predicable, 
allowing an unauthorized user to mount file systems 
remotely 


Other frequently exploited 
UNIX vulnerabilities (continued) 

• rep (remote copy) - allows remote copying of user 
readable files. 

- Workaround available 

- Patch available 

• nis (network information service) and nfs (network 
file system) - many vulnerabilities 

• dump/restore - runs as root and can allow 
unauthorized user to overwrite system files 


l-CO 
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Other recommended strategies 

• Make backups— minimum of once every month 

• Read system logs dally, checking especially for 
• Unsuccessful login attempts 

- su's to other accounts (especially root) 

- Unusual messages from daemons that log to the 
syslog file 

• Be on the alert for unexplained changes In file 
sizes/dates, number of links to files, unsuccessful 
login attempts, etc. 

• Encrypt sensitive flies (but don’t use Crypt!) 

l -<2 
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Scenario for the "big fail" 





lack of system maintenance | 


unpatched vulnerabilities 


configuration 

problems 


Improper 

permissions 





unpassworded 

accounts 

weak 

passwords 




The Internet 



y^OSI (in th« future) 


RSCS 
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Bear in mind that nodenames are NOT necessarily unique to any of v 

the previously mentioned DECnet networks. YOU Can also USe X.500 White pages Service: 
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(Partial results only-not all DSAs could be reached) 
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The same technique use to discover a legitimate username on a 
particular BITnet machine may also be used in the IP world. 




471 



o 

cc 

u i 

o 

< 

cc 


i- « s 

C o M 

!«* 

0 • S 

^ C XL 
*- O O 

£ £ E 

1 

2 ?s 
ii 3 

O^o 

:?1 

2 <o > 

iss 

*Sj 

E ir ® 

8^1 

I*- 

3 a» « 

o E ® 

*152 

>*-* CL 

(0 «#** 
C • 3 

9 = ° 
in 
(0 


uj 


< 

X 

UJ 


Sit 


CD 

co 

a 

E 

w 

Q. 

O 


o 

CO 


CO 

to 

81 


2 
E o 

oO 

25 

ei 

ii 

SS 
* (/) 
T> Q 
®0 


~ o 

is 


E J 2 ^ 

wow f %¥ 

m i e ® e 2 :> § 

E Eo»^»g I M 

-is:' R j; i -8 

M o v> E E g ® 

E" E S»SE"n o £ ~ 

w (fl r u) C C O _ ft — 

°«g E 0 E <0 .3 

c' - E „ o 2 ®° 2 — S« 

!«o 9E w E g |c 

° e ^ 8 ?SLe e ?s 

J( 1 g «»8 e '-©* , »o ° E ~ 

E E_ ff g_®®o ^ £ 

,1 no <” - c '‘ _ c >, 

°n ^ ^ o^pT-w^ k c« 

?~ooSSg*S s I * 

s;iR§ 5 s ; r^ § || 

pjcJO rt -g 2 

5 w o>-i-C J« iS'' J? ^ 

^>>C0LLJLU^ > _ : © CL ~ Em 

sgsiS5*|sf.5 I »| 

|SrSS|||t| i ?! 

si; 8 »ir *"5 I °5 

-2 5zz ^2 o £ E 3 O 

® * 2 k ZZ = cl ti™ <3 © a ^ 

I &!«'*: ::::::::: | |i 

;igsi! 8 sr^ rc || 

^r.cNjn^intDNcoo»o^Nnj*OjDN«o) 0 ^ — g 


O 

z 

CL m 


3 9 
a x: 

18 

8 E 


1 15 

Ss 

1 S 

5 3 



J s 

UJ 

o 

11 

a 

z 

<C (0 
CO 

S 

< 

E 

31 

M 

ul 


"2 s 

$ M 

c o 
o x: 

c (4 
Ef . 

>s ® • 

M > JO 
3 O *® 

• Tg > 

V M « 


151 

• c ® 

3 3 3 


> 

O 


c 

£ 


o 

c 


M M 

E E 

|gg 

« • • 

See 

*D *5 ~ 

»*?? 

s?? 

21 “l" 
co a a 

: ; ee 

04 o u 

o — — 

mOO 
J3 CM OJ 
^ ad co 

> oi oi 
O o o 
O *- r 
^ co oo 

< 

ZEE 

OSS 

CL *” ^ 

CO £ £ 

7 ® ® 

4 L_ *-» 

0 X 3-0 

CL S 3 


472 


with privs.. 


You can use WHOIS to find all users 
registered on a particular node 


(O 

o 


£ 


U| 


<£<6(£<&<0u><0cA^>d> 

S5ooo55525 

^ co «2 cn co o o £2 ro 


» J$ 

8 §S 2 

Is 5 S 

Z 2li.O 
O f : W U. 

ll f-> o </) 

gw 69 

^qzo 

— o h z 
z ^ Ll t- 

Z Q LL 



t [“ ^ Q 

“oz® 

- ^ Ui O 

8 85 Sifc 


• * 

& © 

-:§ 

2 -c 

x y 

s i 
• > 

U 


i ? 


CO 


CD 5 ° 

02*0*00. Ij 

c * 2 8 ~ 3 ST< ~ 

r ffflO " £J0vS 

§ I w 3 £ Q- ^ 

srf s 


ilmiiij 


*!' 


5 



5 3 

CO CD 
CD ^ 

to 

cd cn 
co M’ 


a 

3 


-SC 

o 

o 


V> £ 

Is 
'ft 

- V. 5 -S 

i. _ nj 

S 2 O 3 
3 » a o 

• o « “ 

-O in CD (/) 

5 ||o 

CO 3 U X 

sill 

E “ 3 

• J3 .» o 

|=-"? 

M « • w 

•sf 5 

“5 !.s 
m . w 

•» r= «i 
^ 8 ?! 

•• X) a> £ 2 

2 « *Q.g 

Ills 3 




fl 


a 


CO 

~3 

=-S 
2 t ' 
O 2 

5 | 

fo 

■e-o 

a® 

»0 5 

in < 
C > 

_cd 

55 

CO j| 

X S 

w ’ H- 

CO 


£ CD * 

3 §=? 

CO < 

5 S Q 

® OC 

: z O 
i ^ u. 


® i/j - 

Q £ 



—I co 2? cn —I 
58«o5 
> *v ^ *? >- 
SSS 83 
aS t ®5 

< ^ r» 
OZfflo? 
CL *5 CD CO ± 

< Q ct> w 2 

- — ' • ^ III 

iS-oi 

5N°Oh 
uj «? -i < 2 

o^s^i 

S“>zi 

t 2 ff u? 2 

E £2< w ~ 

CD — ’ ro 
w> 
u 


CO CM <r% 

CD OS OS 
ggS 
Y t N 

CM CO uS 

to in S 
10 « 3 


E 1 

& LU 
S v 

”o 

3 

X 


< 

z 

X 


CD 


CO 


ID 

e |8 

•22 

• o — 

«<c| 

OZ < 
€ OC c 

* ID £ 

V CD CD 


c3 2 cvi o 

CM < 71 w 
CD '-'52 © 

< ^ < g 

— - d; K_ 

cc! £ * 

|I?S 

< < < o 

E E E' E' 

sees 

WWW w 



•= o 

H ° 

2 j= 

* .y 


* E 
S? 

x A 


% ? 

£j 

.« O 


Q ™ C 

u Q UJ 

E E E 

see 

WWW 


llaS* 

U. U- X " ® 

« 

z 

fi 

X x 

E E E E E 

C 

E E 

© © © © © 

CD CD 55 5> 55 

© 

55 

© © 

55 5> 


o «s 


473 



SI 


> 

o 


5 

o 


2 

2 

X 

z 


2 c 
© u 
® 3 
X <D 

*5 ^ ® 

J£Ol 

S°o-g 

D £©" 

SBso 

co 45 > 5 

o © 

2 2 = ! 

s s § I 

n (0 to t 
Z Z CO CD 



*o 

o 

2 

cc 


2 o| 

° - z 

6z^ 

U13>< 
O J o 
< Z .- 

* 5 a 

i — * 00 

5ot" 

Q. O W 

qSw 


cn 

6> 


CM 

o 


o ® 

T3 * 

© 

© .E 

13. CO 

3 © 

to m 

« s 

C 
CO 

E 
o 
Q 


o 

o > 

~ O 

0 

1 

Z 

S3 
a z 
x > 
z < 

l c 


O 

0 

1 


<o 


z 

6 ^ 

3 «b 


O Jl .OJ 
o CD 

n cm 


<o 

E 

M 

iS 
*- ~> 
CO * 

&! 


e s 

i* 

is 

• _* 

S2 o 

*« 

I! 

P - 

if 

« ® « 
o — © 
r ; to 

£ jjjs 

• _ ® 

® Cw ♦-• 


o « X* 

h j ; 


E 

c 


3 

O 


* 

o 


t: 

3 


O) 

C .E 

Q. 

O a> 

Z ® 

|° 

© 

s 

III 

*8* 

2 ° o 

« ■= K 

T3 nJ ^ 

s« . 

c ® s 

® -C ® 

i: 

3 ® O 

< • g 

o '<*= 

c — c 

g O.E 

tzs ^ o 
« 52 •§ 

s *-» — 

E © © 

“1 -c .c 


= © 
- M O 

o © rt 


■S 

i * 

w C 

3* 

5 © 


5 w 
«; 
I! 

M M 

s s 


*3 

3 O 

° • 
■o £ 


O -C 
10 « 

« • 

s ? 
3 CO 


o 

>- 




in 

co 

o 


< 

O 

2 

© 


ts 

© 

3= 

O 

2 

P 

ui 

z 


o 

o 


co ® 


Ui 

z 

k- 

© 

c 

© 

o -C 
“ o 


m 0 

S DC 

co 


-Jt 

CM ~< “ 
-SOTO 

i- OT < 3 

JS^gS 

i , 2 s 


3 OS= 


l 1 .!® 

h |f i 

¥ls 

s 5 


© 

« E 

.. 2 

0 © 

o< 

E E 


© T> 

is 

< 
• z 

z o 


>» 

XI 

2 

Is 

a.® 
cf ^ 

a° 

© CD 

E £ 

© ^ 

CO > 

© o 

5 o 
- < 
E < 
2 z 

&b 
co oc 

c< 
© O 
E 9: 

o CO 

Q z 


5 CO 


O 

a 

< 

CO 

< 

z 

6 

x 

< 


c 

© 


CO 

o 

c 

0 

1 

© 

£ 


CO 

© 

o 

g 

X 


© 

I* 

© CO 
£ ^ 

2 > 

9* 

© 40 
CO ® 

sj* 

|8 

* 3 


FI 
£ ? 
i • 

■o •" 

O s 

w © 
— O 
to _ 

iC 

Is 

CO 

© 


TJ 

© © 


^5 


£ oi 


474 


ftp nic.ddn.mil 

get /netinfo/user-template.txt 



NSLOOKUP allows you to convert IP numbers to names, convert mx 
records, dump all nodes a nameserver knows about and more. 
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Finding a Grumman noda callad GDSaomathlng 
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Other neat things you can do with NSLOOKUP 
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EXAMPLE But sometimes the address you're given doesn't seem like a 

legitimate hostname 

$ mu nslookup 

Default Server: dftsrv.gsfc.nasa.gov Perhaps it’s an MX record. That is, mail destined for that host is sent 

Address: 128.183.10.134 thru a 'Mail exchanger' or gateway that forwards it appropriately. 
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The safest way to use NSLOOKUP is probably with the /type«sny But unless you know how to read this, you may come down with a bad 

qualifier case of information overload. 
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TCP/IP Tutorial 


John McMahon 
TGV, Inc. 


Due to size and copyright considerations, 
Mr. McMahon’s tutorial materials will be 
made available upon request to the NSI NIC. 
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IV. Exhibit Summaries 


preceding page blank not filmed 


485 





Third Annual NSIUWG Conference 
HIS! Networking m the Nineties 
EXHIBITORS 

(AU exhibits are located in the Annapolis Room on the lobby level. Exhibitors will be available from 1:30 to 
5:00 Tuesday through Thursday and 10:00 to noon on Friday.) 


NASA Science Internet User Support Office 


Members of the NSI User Support office wil 1 inform NSI users of the various services 
available to them as a result of being a member of the NSI user community. 

NASA Science Internet Network Operations Center 

Members of the NASA Science Internet Operations staff will demonstrate real time 
monitoring capabilities of the NSI/NOC Jocated at the NASA Ames Research Centei. 

NASA Center for Computational Studies 

The NCCS provides computational services and tools in a data rich environment to 
scientists supported by NASA's Office of Space Sciences and Applications. Programs 
include a computational physics group and a scientific visualization laboratory. 
Resources include: Cray Y-MP 8/464, Convex 220, MasPar MP-1, Ultra network, and 
associated mass data storage and delivery systems. 

TAE Plus 

TAE is i software development tool . 

GDAAC 

NCDS and PLDS The Earth Observing Systems Goddard Distributed Active Archive 
Center represents global change disciplines through its baseline systems: The NASA 
Climate Data System and Pilot Land Data System. The Goddard DAAC is developing 
innovative data management systems to handle the tremendous volume of data expected 
in the EOS era. 


EOSDIS IMS Version 

The EOSDIS IMS Version 0 Inventory Interoperability Proof of Concept Demonstration 
is a cooperative effort between the IMS system level coordination/ development team and 
the distributed DAAC software develompent teams. This software demonstrates the 
capability to access heterogeneous distributed inventories of scientific metadata. 

MASTER DIRECTORY 

The Master Directory is a free on-line data information service. It is a multidisciplinary and 
multri-agency information service. 


NSIUWG: March! April. 1992 

*U.S. GOVERNMENT PRINTING OFFICE: 1993-728=150-60045 
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